diff --git a/internal/applicant/applicant.go b/internal/applicant/applicant.go
index 6040b902..c6d5608d 100644
--- a/internal/applicant/applicant.go
+++ b/internal/applicant/applicant.go
@@ -64,6 +64,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err
 		CAProviderAccessConfig:  make(map[string]any),
 		CAProviderServiceConfig: nodeCfg.CAProviderConfig,
 		KeyAlgorithm:            nodeCfg.KeyAlgorithm,
+		ACMEProfile:             nodeCfg.ACMEProfile,
 		Nameservers:             xslices.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }),
 		DnsPropagationWait:      nodeCfg.DnsPropagationWait,
 		DnsPropagationTimeout:   nodeCfg.DnsPropagationTimeout,
@@ -235,6 +236,7 @@ func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOpt
 	certRequest := certificate.ObtainRequest{
 		Domains: options.Domains,
 		Bundle:  true,
+		Profile: options.ACMEProfile,
 	}
 	if options.ARIReplaceAcct == user.Registration.URI {
 		certRequest.ReplacesCertID = options.ARIReplaceCert
diff --git a/internal/applicant/providers.go b/internal/applicant/providers.go
index c5de24ef..7b07997f 100644
--- a/internal/applicant/providers.go
+++ b/internal/applicant/providers.go
@@ -63,6 +63,7 @@ type applicantProviderOptions struct {
 	DnsPropagationWait      int32
 	DnsPropagationTimeout   int32
 	DnsTTL                  int32
+	ACMEProfile             string
 	DisableFollowCNAME      bool
 	ARIReplaceAcct          string
 	ARIReplaceCert          string
diff --git a/internal/domain/workflow.go b/internal/domain/workflow.go
index 50997019..04ba1e4f 100644
--- a/internal/domain/workflow.go
+++ b/internal/domain/workflow.go
@@ -75,6 +75,7 @@ type WorkflowNodeConfigForApply struct {
 	CAProviderAccessId    string         `json:"caProviderAccessId,omitempty"`    // CA 提供商授权记录 ID
 	CAProviderConfig      map[string]any `json:"caProviderConfig,omitempty"`      // CA 提供商额外配置
 	KeyAlgorithm          string         `json:"keyAlgorithm"`                    // 证书算法
+	ACMEProfile           string         `json:"acmeProfile,omitempty"`           // ACME Profiles Extension
 	Nameservers           string         `json:"nameservers,omitempty"`           // DNS 服务器列表，以半角分号分隔
 	DnsPropagationWait    int32          `json:"dnsPropagationWait,omitempty"`    // DNS 传播等待时间，等同于 lego 的 `--dns-propagation-wait` 参数
 	DnsPropagationTimeout int32          `json:"dnsPropagationTimeout,omitempty"` // DNS 传播检查超时时间（零值时使用提供商的默认值）
@@ -130,6 +131,7 @@ func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply {
 		CAProviderAccessId:    xmaps.GetString(n.Config, "caProviderAccessId"),
 		CAProviderConfig:      xmaps.GetKVMapAny(n.Config, "caProviderConfig"),
 		KeyAlgorithm:          xmaps.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)),
+		ACMEProfile:           xmaps.GetString(n.Config, "acmeProfile"),
 		Nameservers:           xmaps.GetString(n.Config, "nameservers"),
 		DnsPropagationWait:    xmaps.GetInt32(n.Config, "dnsPropagationWait"),
 		DnsPropagationTimeout: xmaps.GetInt32(n.Config, "dnsPropagationTimeout"),
diff --git a/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx b/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx
index 0edd6a4a..cdcb689c 100644
--- a/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx
+++ b/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx
@@ -113,6 +113,7 @@ const ApplyNodeConfigForm = forwardRef<ApplyNodeConfigFormInstance, ApplyNodeCon
         (v) => (v == null || v === "" ? undefined : Number(v)),
         z.number().int(t("workflow_node.apply.form.dns_ttl.placeholder")).gte(1, t("workflow_node.apply.form.dns_ttl.placeholder")).nullish()
       ),
+      acmeProfile: z.string().nullish(),
       disableFollowCNAME: z.boolean().nullish(),
       disableARI: z.boolean().nullish(),
       skipBeforeExpiryDays: z.preprocess(
@@ -454,6 +455,20 @@ const ApplyNodeConfigForm = forwardRef<ApplyNodeConfigFormInstance, ApplyNodeCon
               placeholder={t("workflow_node.apply.form.key_algorithm.placeholder")}
             />
           </Form.Item>
+
+          <Form.Item
+            name="acmeProfile"
+            label={t("workflow_node.apply.form.acme_profile.label")}
+            rules={[formRule]}
+            tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.apply.form.acme_profile.tooltip") }}></span>}
+          >
+            <AutoComplete
+              allowClear
+              options={["classic", "tlsserver", "shortlived"].map((value) => ({ value }))}
+              placeholder={t("workflow_node.apply.form.acme_profile.placeholder")}
+              filterOption={(inputValue, option) => option!.value.toLowerCase().includes(inputValue.toLowerCase())}
+            />
+          </Form.Item>
         </Form>
 
         <Divider size="small">
diff --git a/ui/src/domain/workflow.ts b/ui/src/domain/workflow.ts
index d37a16f5..689d3488 100644
--- a/ui/src/domain/workflow.ts
+++ b/ui/src/domain/workflow.ts
@@ -151,6 +151,7 @@ export type WorkflowNodeConfigForApply = {
   caProviderAccessId?: string;
   caProviderConfig?: Record<string, unknown>;
   keyAlgorithm: string;
+  acmeProfile?: string;
   nameservers?: string;
   dnsPropagationTimeout?: number;
   dnsTTL?: number;
diff --git a/ui/src/i18n/locales/en/nls.workflow.nodes.json b/ui/src/i18n/locales/en/nls.workflow.nodes.json
index 47724678..caf55597 100644
--- a/ui/src/i18n/locales/en/nls.workflow.nodes.json
+++ b/ui/src/i18n/locales/en/nls.workflow.nodes.json
@@ -71,6 +71,9 @@
   "workflow_node.apply.form.ca_provider_access.button": "Create",
   "workflow_node.apply.form.key_algorithm.label": "Certificate key algorithm",
   "workflow_node.apply.form.key_algorithm.placeholder": "Please select certificate key algorithm",
+  "workflow_node.apply.form.acme_profile.label": "ACME certificate profile (Optional)",
+  "workflow_node.apply.form.acme_profile.placeholder": "Please enter ACME certificate profile",
+  "workflow_node.apply.form.acme_profile.tooltip": "It determines the ACME profile which will be used to affect issuance of the certificate requested. If you don't understand this option, just keep it by default.<a href=\"https://letsencrypt.org/docs/profiles/\" target=\"_blank\">Learn more</a>.",
   "workflow_node.apply.form.advanced_config.label": "Advanced settings",
   "workflow_node.apply.form.nameservers.label": "DNS recursive nameservers (Optional)",
   "workflow_node.apply.form.nameservers.placeholder": "Please enter DNS recursive nameservers (separated by semicolons)",
diff --git a/ui/src/i18n/locales/zh/nls.workflow.nodes.json b/ui/src/i18n/locales/zh/nls.workflow.nodes.json
index 93805dac..4e20f18c 100644
--- a/ui/src/i18n/locales/zh/nls.workflow.nodes.json
+++ b/ui/src/i18n/locales/zh/nls.workflow.nodes.json
@@ -70,6 +70,9 @@
   "workflow_node.apply.form.ca_provider_access.button": "新建",
   "workflow_node.apply.form.key_algorithm.label": "证书算法",
   "workflow_node.apply.form.key_algorithm.placeholder": "请选择证书算法",
+  "workflow_node.apply.form.acme_profile.label": "ACME 证书配置（可选）",
+  "workflow_node.apply.form.acme_profile.placeholder": "请输入 ACME 证书配置",
+  "workflow_node.apply.form.acme_profile.tooltip": "表示证书颁发时使用的 ACME 证书配置。如果你不了解该选项的用途，保持默认即可。<a href=\"https://letsencrypt.org/zh-cn/docs/profiles/\" target=\"_blank\">点此了解更多</a>。",
   "workflow_node.apply.form.advanced_config.label": "高级设置",
   "workflow_node.apply.form.nameservers.label": "DNS 递归服务器（可选）",
   "workflow_node.apply.form.nameservers.placeholder": "请输入 DNS 递归服务器（多个值请用半角分号隔开）",