diff --git a/internal/applicant/acme_ca.go b/internal/applicant/acme_ca.go
index 52bfcb8f..ea0c6b74 100644
--- a/internal/applicant/acme_ca.go
+++ b/internal/applicant/acme_ca.go
@@ -5,6 +5,7 @@ import "github.com/usual2970/certimate/internal/domain"
 const (
 	sslProviderLetsEncrypt         = string(domain.ApplyCAProviderTypeLetsEncrypt)
 	sslProviderLetsEncryptStaging  = string(domain.ApplyCAProviderTypeLetsEncryptStaging)
+	sslProviderBuypass             = string(domain.ApplyCAProviderTypeBuypass)
 	sslProviderGoogleTrustServices = string(domain.ApplyCAProviderTypeGoogleTrustServices)
 	sslProviderSSLCom              = string(domain.ApplyCAProviderTypeSSLCom)
 	sslProviderZeroSSL             = string(domain.ApplyCAProviderTypeZeroSSL)
@@ -15,8 +16,9 @@ const (
 var sslProviderUrls = map[string]string{
 	sslProviderLetsEncrypt:         "https://acme-v02.api.letsencrypt.org/directory",
 	sslProviderLetsEncryptStaging:  "https://acme-staging-v02.api.letsencrypt.org/directory",
+	sslProviderBuypass:             "https://api.buypass.com/acme/directory",
 	sslProviderGoogleTrustServices: "https://dv.acme-v02.api.pki.goog/directory",
-	sslProviderSSLCom:              "https://acme.ssl.com/sslcom-dv-ecc",
+	sslProviderSSLCom:              "https://acme.ssl.com/sslcom-dv-rsa",
 	sslProviderZeroSSL:             "https://acme.zerossl.com/v2/DV90",
 }
 
diff --git a/internal/applicant/acme_user.go b/internal/applicant/acme_user.go
index fa8e81b9..430db5a3 100644
--- a/internal/applicant/acme_user.go
+++ b/internal/applicant/acme_user.go
@@ -98,6 +98,11 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m
 	case sslProviderLetsEncrypt, sslProviderLetsEncryptStaging:
 		reg, err = client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
 
+	case sslProviderBuypass:
+		{
+			reg, err = client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
+		}
+
 	case sslProviderGoogleTrustServices:
 		{
 			access := domain.AccessConfigForGoogleTrustServices{}
diff --git a/internal/domain/provider.go b/internal/domain/provider.go
index c0da68ed..d8726034 100644
--- a/internal/domain/provider.go
+++ b/internal/domain/provider.go
@@ -19,6 +19,7 @@ const (
 	AccessProviderTypeBaishan             = AccessProviderType("baishan")
 	AccessProviderTypeBaotaPanel          = AccessProviderType("baotapanel")
 	AccessProviderTypeBytePlus            = AccessProviderType("byteplus")
+	AccessProviderTypeBuypass             = AccessProviderType("buypass")
 	AccessProviderTypeCacheFly            = AccessProviderType("cachefly")
 	AccessProviderTypeCdnfly              = AccessProviderType("cdnfly")
 	AccessProviderTypeCloudflare          = AccessProviderType("cloudflare")
@@ -75,6 +76,7 @@ type ApplyCAProviderType string
 	NOTICE: If you add new constant, please keep ASCII order.
 */
 const (
+	ApplyCAProviderTypeBuypass             = ApplyCAProviderType(string(AccessProviderTypeBuypass))
 	ApplyCAProviderTypeGoogleTrustServices = ApplyCAProviderType(string(AccessProviderTypeGoogleTrustServices))
 	ApplyCAProviderTypeLetsEncrypt         = ApplyCAProviderType(string(AccessProviderTypeLetsEncrypt))
 	ApplyCAProviderTypeLetsEncryptStaging  = ApplyCAProviderType(string(AccessProviderTypeLetsEncryptStaging))
diff --git a/migrations/1743264000_upgrade.go b/migrations/1743264000_upgrade.go
index e7bb5087..75f98b30 100644
--- a/migrations/1743264000_upgrade.go
+++ b/migrations/1743264000_upgrade.go
@@ -83,6 +83,7 @@ func init() {
 					"baishan",
 					"baotapanel",
 					"byteplus",
+					"buypass",
 					"cachefly",
 					"cdnfly",
 					"cloudflare",
diff --git a/ui/public/imgs/providers/buypass.png b/ui/public/imgs/providers/buypass.png
new file mode 100644
index 00000000..f4692538
Binary files /dev/null and b/ui/public/imgs/providers/buypass.png differ
diff --git a/ui/src/domain/provider.ts b/ui/src/domain/provider.ts
index ac66f670..74296917 100644
--- a/ui/src/domain/provider.ts
+++ b/ui/src/domain/provider.ts
@@ -13,6 +13,7 @@ export const ACCESS_PROVIDERS = Object.freeze({
   BAISHAN: "baishan",
   BAOTAPANEL: "baotapanel",
   BYTEPLUS: "byteplus",
+  BUYPASS: "buypass",
   CACHEFLY: "cachefly",
   CDNFLY: "cdnfly",
   CLOUDFLARE: "cloudflare",
@@ -128,9 +129,10 @@ export const accessProvidersMap: Map<AccessProvider["type"] | string, AccessProv
 
     [ACCESS_PROVIDERS.LETSENCRYPT, "provider.letsencrypt", "/imgs/providers/letsencrypt.svg", [ACCESS_USAGES.CA]],
     [ACCESS_PROVIDERS.LETSENCRYPTSTAGING, "provider.letsencryptstaging", "/imgs/providers/letsencrypt.svg", [ACCESS_USAGES.CA]],
+    [ACCESS_PROVIDERS.BUYPASS, "provider.buypass", "/imgs/providers/buypass.png", [ACCESS_USAGES.CA]],
     [ACCESS_PROVIDERS.GOOGLETRUSTSERVICES, "provider.googletrustservices", "/imgs/providers/google.svg", [ACCESS_USAGES.CA]],
-    [ACCESS_PROVIDERS.ZEROSSL, "provider.zerossl", "/imgs/providers/zerossl.svg", [ACCESS_USAGES.CA]],
     [ACCESS_PROVIDERS.SSLCOM, "provider.sslcom", "/imgs/providers/sslcom.svg", [ACCESS_USAGES.CA]],
+    [ACCESS_PROVIDERS.ZEROSSL, "provider.zerossl", "/imgs/providers/zerossl.svg", [ACCESS_USAGES.CA]],
   ].map((e) => [
     e[0] as string,
     {
@@ -150,6 +152,7 @@ export const accessProvidersMap: Map<AccessProvider["type"] | string, AccessProv
   NOTICE: If you add new constant, please keep ASCII order.
  */
 export const APPLY_CA_PROVIDERS = Object.freeze({
+  BUYPASS: `${ACCESS_PROVIDERS.BUYPASS}`,
   GOOGLETRUSTSERVICES: `${ACCESS_PROVIDERS.GOOGLETRUSTSERVICES}`,
   LETSENCRYPT: `${ACCESS_PROVIDERS.LETSENCRYPT}`,
   LETSENCRYPTSTAGING: `${ACCESS_PROVIDERS.LETSENCRYPTSTAGING}`,
@@ -173,11 +176,12 @@ export const applyCAProvidersMap: Map<ApplyCAProvider["type"] | string, ApplyCAP
     NOTICE: The following order determines the order displayed at the frontend.
   */
   [
-    [APPLY_CA_PROVIDERS.LETSENCRYPT, "true"],
-    [APPLY_CA_PROVIDERS.LETSENCRYPTSTAGING, "true"],
-    [APPLY_CA_PROVIDERS.ZEROSSL],
+    [APPLY_CA_PROVIDERS.LETSENCRYPT, "builtin"],
+    [APPLY_CA_PROVIDERS.LETSENCRYPTSTAGING, "builtin"],
+    [APPLY_CA_PROVIDERS.BUYPASS],
     [APPLY_CA_PROVIDERS.GOOGLETRUSTSERVICES],
     [APPLY_CA_PROVIDERS.SSLCOM],
+    [APPLY_CA_PROVIDERS.ZEROSSL],
   ].map(([type, builtin]) => [
     type,
     {
@@ -185,7 +189,7 @@ export const applyCAProvidersMap: Map<ApplyCAProvider["type"] | string, ApplyCAP
       name: accessProvidersMap.get(type.split("-")[0])!.name,
       icon: accessProvidersMap.get(type.split("-")[0])!.icon,
       provider: type.split("-")[0] as AccessProviderType,
-      builtin: builtin === "true",
+      builtin: builtin === "builtin",
     },
   ])
 );
@@ -399,7 +403,7 @@ export const deployProvidersMap: Map<DeployProvider["type"] | string, DeployProv
      NOTICE: The following order determines the order displayed at the frontend.
     */
   [
-    [DEPLOY_PROVIDERS.LOCAL, "provider.local", DEPLOY_CATEGORIES.OTHER, "true"],
+    [DEPLOY_PROVIDERS.LOCAL, "provider.local", DEPLOY_CATEGORIES.OTHER, "builtin"],
     [DEPLOY_PROVIDERS.SSH, "provider.ssh", DEPLOY_CATEGORIES.OTHER],
     [DEPLOY_PROVIDERS.WEBHOOK, "provider.webhook", DEPLOY_CATEGORIES.OTHER],
     [DEPLOY_PROVIDERS.KUBERNETES_SECRET, "provider.kubernetes.secret", DEPLOY_CATEGORIES.OTHER],
@@ -477,7 +481,7 @@ export const deployProvidersMap: Map<DeployProvider["type"] | string, DeployProv
       icon: accessProvidersMap.get(type.split("-")[0])!.icon,
       provider: type.split("-")[0] as AccessProviderType,
       category: category as DeployCategoryType,
-      builtin: builtin === "true",
+      builtin: builtin === "builtin",
     },
   ])
 );
diff --git a/ui/src/i18n/locales/en/nls.provider.json b/ui/src/i18n/locales/en/nls.provider.json
index 351f5b1d..bdc64ad8 100644
--- a/ui/src/i18n/locales/en/nls.provider.json
+++ b/ui/src/i18n/locales/en/nls.provider.json
@@ -40,6 +40,7 @@
   "provider.baotapanel.site": "aaPanel (aka BaoTaPanel) - Website",
   "provider.byteplus": "BytePlus",
   "provider.byteplus.cdn": "BytePlus - CDN (Content Delivery Network)",
+  "provider.buypass": "Buypass AS",
   "provider.cachefly": "CacheFly",
   "provider.cdnfly": "Cdnfly",
   "provider.cloudflare": "Cloudflare",
diff --git a/ui/src/i18n/locales/zh/nls.provider.json b/ui/src/i18n/locales/zh/nls.provider.json
index bcaf50b6..27a9dbbc 100644
--- a/ui/src/i18n/locales/zh/nls.provider.json
+++ b/ui/src/i18n/locales/zh/nls.provider.json
@@ -40,6 +40,7 @@
   "provider.baotapanel.site": "宝塔面板 - 网站",
   "provider.byteplus": "BytePlus",
   "provider.byteplus.cdn": "BytePlus - 内容分发网络 CDN",
+  "provider.buypass": "Buypass AS",
   "provider.cachefly": "CacheFly",
   "provider.cdnfly": "Cdnfly",
   "provider.cloudflare": "Cloudflare",
diff --git a/ui/src/pages/settings/SettingsSSLProvider.tsx b/ui/src/pages/settings/SettingsSSLProvider.tsx
index f325fbad..f23c2024 100644
--- a/ui/src/pages/settings/SettingsSSLProvider.tsx
+++ b/ui/src/pages/settings/SettingsSSLProvider.tsx
@@ -107,31 +107,20 @@ const SSLProviderEditFormLetsEncryptStagingConfig = () => {
   );
 };
 
-const SSLProviderEditFormZeroSSLConfig = () => {
+const SSLProviderEditFormBuypassConfig = () => {
   const { t } = useTranslation();
 
   const { pending, settings, updateSettings } = useContext(SSLProviderContext);
 
-  const formSchema = z.object({
-    eabKid: z
-      .string({ message: t("settings.sslprovider.form.zerossl_eab_kid.placeholder") })
-      .min(1, t("settings.sslprovider.form.zerossl_eab_kid.placeholder"))
-      .max(256, t("common.errmsg.string_max", { max: 256 })),
-    eabHmacKey: z
-      .string({ message: t("settings.sslprovider.form.zerossl_eab_hmac_key.placeholder") })
-      .min(1, t("settings.sslprovider.form.zerossl_eab_hmac_key.placeholder"))
-      .max(256, t("common.errmsg.string_max", { max: 256 })),
-  });
-  const formRule = createSchemaFieldRule(formSchema);
-  const { form: formInst, formProps } = useAntdForm<z.infer<typeof formSchema>>({
-    initialValues: settings?.content?.config?.[APPLY_CA_PROVIDERS.ZEROSSL],
+  const { form: formInst, formProps } = useAntdForm<NonNullable<unknown>>({
+    initialValues: settings?.content?.config?.[APPLY_CA_PROVIDERS.BUYPASS],
     onSubmit: async (values) => {
       const newSettings = produce(settings, (draft) => {
         draft.content ??= {} as SSLProviderSettingsContent;
-        draft.content.provider = APPLY_CA_PROVIDERS.ZEROSSL;
+        draft.content.provider = APPLY_CA_PROVIDERS.BUYPASS;
 
         draft.content.config ??= {} as SSLProviderSettingsContent["config"];
-        draft.content.config[APPLY_CA_PROVIDERS.ZEROSSL] = values;
+        draft.content.config[APPLY_CA_PROVIDERS.BUYPASS] = values;
       });
       await updateSettings(newSettings);
 
@@ -141,7 +130,7 @@ const SSLProviderEditFormZeroSSLConfig = () => {
 
   const [formChanged, setFormChanged] = useState(false);
   useEffect(() => {
-    setFormChanged(settings?.content?.provider !== APPLY_CA_PROVIDERS.ZEROSSL);
+    setFormChanged(settings?.content?.provider !== APPLY_CA_PROVIDERS.LETSENCRYPTSTAGING);
   }, [settings?.content?.provider]);
 
   const handleFormChange = () => {
@@ -150,24 +139,6 @@ const SSLProviderEditFormZeroSSLConfig = () => {
 
   return (
     <Form {...formProps} form={formInst} disabled={pending} layout="vertical" onValuesChange={handleFormChange}>
-      <Form.Item
-        name="eabKid"
-        label={t("settings.sslprovider.form.zerossl_eab_kid.label")}
-        rules={[formRule]}
-        tooltip={<span dangerouslySetInnerHTML={{ __html: t("settings.sslprovider.form.zerossl_eab_kid.tooltip") }}></span>}
-      >
-        <Input autoComplete="new-password" placeholder={t("settings.sslprovider.form.zerossl_eab_kid.placeholder")} />
-      </Form.Item>
-
-      <Form.Item
-        name="eabHmacKey"
-        label={t("settings.sslprovider.form.zerossl_eab_hmac_key.label")}
-        rules={[formRule]}
-        tooltip={<span dangerouslySetInnerHTML={{ __html: t("settings.sslprovider.form.zerossl_eab_hmac_key.tooltip") }}></span>}
-      >
-        <Input.Password autoComplete="new-password" placeholder={t("settings.sslprovider.form.zerossl_eab_hmac_key.placeholder")} />
-      </Form.Item>
-
       <Form.Item>
         <Button type="primary" htmlType="submit" disabled={!formChanged} loading={pending}>
           {t("common.button.save")}
@@ -317,6 +288,76 @@ const SSLProviderEditFormSSLComConfig = () => {
   );
 };
 
+const SSLProviderEditFormZeroSSLConfig = () => {
+  const { t } = useTranslation();
+
+  const { pending, settings, updateSettings } = useContext(SSLProviderContext);
+
+  const formSchema = z.object({
+    eabKid: z
+      .string({ message: t("settings.sslprovider.form.zerossl_eab_kid.placeholder") })
+      .min(1, t("settings.sslprovider.form.zerossl_eab_kid.placeholder"))
+      .max(256, t("common.errmsg.string_max", { max: 256 })),
+    eabHmacKey: z
+      .string({ message: t("settings.sslprovider.form.zerossl_eab_hmac_key.placeholder") })
+      .min(1, t("settings.sslprovider.form.zerossl_eab_hmac_key.placeholder"))
+      .max(256, t("common.errmsg.string_max", { max: 256 })),
+  });
+  const formRule = createSchemaFieldRule(formSchema);
+  const { form: formInst, formProps } = useAntdForm<z.infer<typeof formSchema>>({
+    initialValues: settings?.content?.config?.[APPLY_CA_PROVIDERS.ZEROSSL],
+    onSubmit: async (values) => {
+      const newSettings = produce(settings, (draft) => {
+        draft.content ??= {} as SSLProviderSettingsContent;
+        draft.content.provider = APPLY_CA_PROVIDERS.ZEROSSL;
+
+        draft.content.config ??= {} as SSLProviderSettingsContent["config"];
+        draft.content.config[APPLY_CA_PROVIDERS.ZEROSSL] = values;
+      });
+      await updateSettings(newSettings);
+
+      setFormChanged(false);
+    },
+  });
+
+  const [formChanged, setFormChanged] = useState(false);
+  useEffect(() => {
+    setFormChanged(settings?.content?.provider !== APPLY_CA_PROVIDERS.ZEROSSL);
+  }, [settings?.content?.provider]);
+
+  const handleFormChange = () => {
+    setFormChanged(true);
+  };
+
+  return (
+    <Form {...formProps} form={formInst} disabled={pending} layout="vertical" onValuesChange={handleFormChange}>
+      <Form.Item
+        name="eabKid"
+        label={t("settings.sslprovider.form.zerossl_eab_kid.label")}
+        rules={[formRule]}
+        tooltip={<span dangerouslySetInnerHTML={{ __html: t("settings.sslprovider.form.zerossl_eab_kid.tooltip") }}></span>}
+      >
+        <Input autoComplete="new-password" placeholder={t("settings.sslprovider.form.zerossl_eab_kid.placeholder")} />
+      </Form.Item>
+
+      <Form.Item
+        name="eabHmacKey"
+        label={t("settings.sslprovider.form.zerossl_eab_hmac_key.label")}
+        rules={[formRule]}
+        tooltip={<span dangerouslySetInnerHTML={{ __html: t("settings.sslprovider.form.zerossl_eab_hmac_key.tooltip") }}></span>}
+      >
+        <Input.Password autoComplete="new-password" placeholder={t("settings.sslprovider.form.zerossl_eab_hmac_key.placeholder")} />
+      </Form.Item>
+
+      <Form.Item>
+        <Button type="primary" htmlType="submit" disabled={!formChanged} loading={pending}>
+          {t("common.button.save")}
+        </Button>
+      </Form.Item>
+    </Form>
+  );
+};
+
 const SettingsSSLProvider = () => {
   const { t } = useTranslation();
 
@@ -349,6 +390,8 @@ const SettingsSSLProvider = () => {
         return <SSLProviderEditFormLetsEncryptConfig />;
       case APPLY_CA_PROVIDERS.LETSENCRYPTSTAGING:
         return <SSLProviderEditFormLetsEncryptStagingConfig />;
+      case APPLY_CA_PROVIDERS.BUYPASS:
+        return <SSLProviderEditFormBuypassConfig />;
       case APPLY_CA_PROVIDERS.GOOGLETRUSTSERVICES:
         return <SSLProviderEditFormGoogleTrustServicesConfig />;
       case APPLY_CA_PROVIDERS.SSLCOM:
@@ -404,11 +447,11 @@ const SettingsSSLProvider = () => {
                 value={APPLY_CA_PROVIDERS.LETSENCRYPTSTAGING}
               />
               <CheckCard
-                avatar={<img src={"/imgs/providers/zerossl.svg"} className="size-8" />}
+                avatar={<img src={"/imgs/providers/buypass.png"} className="size-8" />}
                 size="small"
-                title={t("provider.zerossl")}
-                description="zerossl.com"
-                value={APPLY_CA_PROVIDERS.ZEROSSL}
+                title={t("provider.buypass")}
+                description="buypass.com"
+                value={APPLY_CA_PROVIDERS.BUYPASS}
               />
               <CheckCard
                 avatar={<img src={"/imgs/providers/google.svg"} className="size-8" />}
@@ -424,6 +467,13 @@ const SettingsSSLProvider = () => {
                 description="ssl.com"
                 value={APPLY_CA_PROVIDERS.SSLCOM}
               />
+              <CheckCard
+                avatar={<img src={"/imgs/providers/zerossl.svg"} className="size-8" />}
+                size="small"
+                title={t("provider.zerossl")}
+                description="zerossl.com"
+                value={APPLY_CA_PROVIDERS.ZEROSSL}
+              />
             </CheckCard.Group>
           </Form.Item>