refactor: clean code

2025-07-18 01:11:55 +08:00 · 2025-06-23 12:11:20 +08:00 · 2025-06-23 12:11:20 +08:00 · 2829ac89ca
commit 2829ac89ca
parent 902cd83f79
13 changed files with 154 additions and 196 deletions
--- a/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go
@ -17,6 +17,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 )

 type SSLDeployerProviderConfig struct {
@ -65,7 +66,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -463,25 +472,3 @@ func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients
 		CAS: casClient,
 	}, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于 ALB 服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go
@ -15,6 +15,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 	xtypes "github.com/certimate-go/certimate/pkg/utils/types"
 )

@ -63,7 +64,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -225,7 +234,14 @@ func (d *SSLDeployerProvider) deployToCloudNative(ctx context.Context, certPEM s

 func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) {
 	// 接入点一览 https://api.aliyun.com/product/APIG
-	cloudNativeAPIGEndpoint := strings.ReplaceAll(fmt.Sprintf("apig.%s.aliyuncs.com", region), "..", ".")
+	var cloudNativeAPIGEndpoint string
+	switch region {
+	case "":
+		cloudNativeAPIGEndpoint = "apig.cn-hangzhou.aliyuncs.com"
+	default:
+		cloudNativeAPIGEndpoint = fmt.Sprintf("apig.%s.aliyuncs.com", region)
+	}
+
 	cloudNativeAPIGConfig := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
@ -237,7 +253,14 @@ func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients
 	}

 	// 接入点一览 https://api.aliyun.com/product/CloudAPI
-	traditionalAPIGEndpoint := strings.ReplaceAll(fmt.Sprintf("apigateway.%s.aliyuncs.com", region), "..", ".")
+	var traditionalAPIGEndpoint string
+	switch region {
+	case "":
+		traditionalAPIGEndpoint = "apigateway.cn-hangzhou.aliyuncs.com"
+	default:
+		traditionalAPIGEndpoint = fmt.Sprintf("apigateway.%s.aliyuncs.com", region)
+	}
+
 	traditionalAPIGConfig := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
@ -253,25 +276,3 @@ func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients
 		TraditionalAPIGateway: traditionalAPIGClient,
 	}, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于 APIGateway 服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go
@ -51,7 +51,12 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region:          config.Region,
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -177,25 +182,3 @@ func createSDKClient(accessKeyId, accessKeySecret, region string) (*alicas.Clien

 	return client, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于其他服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go
@ -5,6 +5,7 @@ import (
 	"errors"
 	"fmt"
 	"log/slog"
+	"strings"

 	aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
 	alislb "github.com/alibabacloud-go/slb-20140515/v4/client"
@ -12,6 +13,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-slb"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 )

 type SSLDeployerProviderConfig struct {
@ -55,7 +57,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -307,13 +317,3 @@ func createSDKClient(accessKeyId, accessKeySecret, region string) (*alislb.Clien

 	return client, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          region,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go
@ -14,6 +14,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-slb"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 )

 type SSLDeployerProviderConfig struct {
@ -48,7 +49,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -102,10 +111,18 @@ func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privke

 func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliddos.Client, error) {
 	// 接入点一览 https://api.aliyun.com/product/ddoscoo
+	var endpoint string
+	switch region {
+	case "":
+		endpoint = "ddoscoo.cn-hangzhou.aliyuncs.com"
+	default:
+		endpoint = fmt.Sprintf("ddoscoo.%s.aliyuncs.com", region)
+	}
+
 	config := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
-		Endpoint:        tea.String(strings.ReplaceAll(fmt.Sprintf("ddoscoo.%s.aliyuncs.com", region), "..", ".")),
+		Endpoint:        tea.String(endpoint),
 	}

 	client, err := aliddos.NewClient(config)
@ -115,25 +132,3 @@ func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliddos.Clie

 	return client, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于 Anti-DDoS 服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go
@ -14,6 +14,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 )

 type SSLDeployerProviderConfig struct {
@ -48,7 +49,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -103,10 +112,18 @@ func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privke

 func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliesa.Client, error) {
 	// 接入点一览 https://api.aliyun.com/product/ESA
+	var endpoint string
+	switch region {
+	case "":
+		endpoint = "esa.cn-hangzhou.aliyuncs.com"
+	default:
+		endpoint = fmt.Sprintf("esa.%s.aliyuncs.com", region)
+	}
+
 	config := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
-		Endpoint:        tea.String(strings.ReplaceAll(fmt.Sprintf("esa.%s.aliyuncs.com", region), "..", ".")),
+		Endpoint:        tea.String(endpoint),
 	}

 	client, err := aliesa.NewClient(config)
@ -116,25 +133,3 @@ func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliesa.Clien

 	return client, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于 ESA 服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go
@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"log/slog"
-	"strings"
 	"time"

 	aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
@ -184,8 +183,17 @@ func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients
 		return nil, err
 	}

-	// 接入点一览 https://api.aliyun.com/product/FC-Open
-	fc3Endpoint := strings.ReplaceAll(fmt.Sprintf("fcv3.%s.aliyuncs.com", region), "..", ".")
+	// 接入点一览 https://api.aliyun.com/product/FC
+	var fc3Endpoint string
+	switch region {
+	case "":
+		fc3Endpoint = "fcv3.cn-hangzhou.aliyuncs.com"
+	case "me-central-1", "cn-hangzhou-finance", "cn-shanghai-finance-1", "cn-heyuan-acdr-1":
+		fc3Endpoint = fmt.Sprintf("%s.fc.aliyuncs.com", region)
+	default:
+		fc3Endpoint = fmt.Sprintf("fcv3.%s.aliyuncs.com", region)
+	}
+
 	fc3Config := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
--- a/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go
@ -54,7 +54,12 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region:          "cn-hangzhou",
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -313,13 +318,3 @@ func createSDKClient(accessKeyId, accessKeySecret string) (*aliga.Client, error)

 	return client, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId string) (core.SSLManager, error) {
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          "cn-hangzhou",
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go
@ -13,6 +13,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 )

 type SSLDeployerProviderConfig struct {
@ -53,7 +54,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -225,7 +234,14 @@ func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, clo

 func createSDKClient(accessKeyId, accessKeySecret, region string) (*alinlb.Client, error) {
 	// 接入点一览 https://api.aliyun.com/product/Nlb
-	endpoint := strings.ReplaceAll(fmt.Sprintf("nlb.%s.aliyuncs.com", region), "..", ".")
+	var endpoint string
+	switch region {
+	case "":
+		endpoint = "nlb.cn-hangzhou.aliyuncs.com"
+	default:
+		endpoint = fmt.Sprintf("nlb.%s.aliyuncs.com", region)
+	}
+
 	config := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
@ -239,25 +255,3 @@ func createSDKClient(accessKeyId, accessKeySecret, region string) (*alinlb.Clien

 	return client, nil
 }
-
-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于 NLB 服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
--- a/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go
@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"log/slog"
-	"strings"
 	"time"

 	aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
@ -86,7 +85,14 @@ func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privke

 func createSDKClient(accessKeyId, accessKeySecret, region string) (*alivod.Client, error) {
 	// 接入点一览 https://api.aliyun.com/product/vod
-	endpoint := strings.ReplaceAll(fmt.Sprintf("vod.%s.aliyuncs.com", region), "..", ".")
+	var endpoint string
+	switch region {
+	case "":
+		endpoint = "vod.cn-hangzhou.aliyuncs.com"
+	default:
+		endpoint = fmt.Sprintf("vod.%s.aliyuncs.com", region)
+	}
+
 	config := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
--- a/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go
+++ b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go
@ -13,6 +13,7 @@ import (

 	"github.com/certimate-go/certimate/pkg/core"
 	sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas"
+	"github.com/certimate-go/certimate/pkg/utils/ifelse"
 	xslices "github.com/certimate-go/certimate/pkg/utils/slices"
 	xtypes "github.com/certimate-go/certimate/pkg/utils/types"
 )
@ -53,7 +54,15 @@ func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProv
 		return nil, fmt.Errorf("could not create sdk client: %w", err)
 	}

-	sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region)
+	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
+		AccessKeyId:     config.AccessKeyId,
+		AccessKeySecret: config.AccessKeySecret,
+		ResourceGroupId: config.ResourceGroupId,
+		Region: ifelse.
+			If[string](config.Region == "" || strings.HasPrefix(config.Region, "cn-")).
+			Then("cn-hangzhou").
+			Else("ap-southeast-1"),
+	})
 	if err != nil {
 		return nil, fmt.Errorf("could not create ssl manager: %w", err)
 	}
@ -176,7 +185,14 @@ func (d *SSLDeployerProvider) deployToWAF3(ctx context.Context, certPEM string,

 func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Client, error) {
 	// 接入点一览：https://api.aliyun.com/product/waf-openapi
-	endpoint := strings.ReplaceAll(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region), "..", ".")
+	var endpoint string
+	switch region {
+	case "":
+		endpoint = "wafopenapi.cn-hangzhou.aliyuncs.com"
+	default:
+		endpoint = fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region)
+	}
+
 	config := &aliopen.Config{
 		AccessKeyId:     tea.String(accessKeyId),
 		AccessKeySecret: tea.String(accessKeySecret),
@ -191,28 +207,6 @@ func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Clien
 	return client, nil
 }

-func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) {
-	casRegion := region
-	if casRegion != "" {
-		// 阿里云 CAS 服务接入点是独立于 WAF 服务的
-		// 国内版固定接入点：华东一杭州
-		// 国际版固定接入点：亚太东南一新加坡
-		if !strings.HasPrefix(casRegion, "cn-") {
-			casRegion = "ap-southeast-1"
-		} else {
-			casRegion = "cn-hangzhou"
-		}
-	}
-
-	sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{
-		AccessKeyId:     accessKeyId,
-		AccessKeySecret: accessKeySecret,
-		ResourceGroupId: resourceGroupId,
-		Region:          casRegion,
-	})
-	return sslmgr, err
-}
-
 func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDetailResponseBody) *aliwaf.ModifyDomainRequest {
 	// `ModifyDomain` 中不传的字段表示使用默认值、而非保留原值，
 	// 因此这里需要把原配置中的参数重新赋值回去。
--- a/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go
+++ b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go
@ -102,7 +102,7 @@ func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privke
 		if err != nil {
 			return nil, fmt.Errorf("failed to execute sdk request 'baishan.GetDomainConfig': %w", err)
 		} else if len(getDomainConfigResp.Data) == 0 {
-			return nil, errors.New("domain config not found")
+			return nil, fmt.Errorf("domain %s not found", d.config.Domain)
 		}

 		// 设置域名配置
--- a/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go
+++ b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go
@ -97,7 +97,7 @@ func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privke
 	if err != nil {
 		return nil, fmt.Errorf("failed to execute sdk request 'ucdn.GetUcdnDomainConfig': %w", err)
 	} else if len(getUcdnDomainConfigResp.DomainList) == 0 {
-		return nil, errors.New("no domain found")
+		return nil, fmt.Errorf("domain %s not found", d.config.DomainId)
 	}

 	// 更新 HTTPS 加速配置