diff --git a/internal/db/models/api_node_dao.go b/internal/db/models/api_node_dao.go
index fdc4ceee..526c3bf7 100644
--- a/internal/db/models/api_node_dao.go
+++ b/internal/db/models/api_node_dao.go
@@ -12,6 +12,7 @@ import (
 	"github.com/iwind/TeaGo/rands"
 	"github.com/iwind/TeaGo/types"
 	"strconv"
+	"strings"
 )
 
 const (
@@ -219,7 +220,6 @@ func (this *APINodeDAO) CountAllEnabledAndOnAPINodes(tx *dbs.Tx) (int64, error)
 		Count()
 }
 
-
 // CountAllEnabledAndOnOfflineAPINodes 计算API节点数量
 func (this *APINodeDAO) CountAllEnabledAndOnOfflineAPINodes(tx *dbs.Tx) (int64, error) {
 	return this.Query(tx).
@@ -305,3 +305,19 @@ func (this *APINodeDAO) CountAllLowerVersionNodes(tx *dbs.Tx, version string) (i
 		Param("version", utils.VersionToLong(version)).
 		Count()
 }
+
+// CountAllEnabledAPINodesWithSSLPolicyIds 计算使用SSL策略的所有API节点数量
+func (this *APINodeDAO) CountAllEnabledAPINodesWithSSLPolicyIds(tx *dbs.Tx, sslPolicyIds []int64) (count int64, err error) {
+	if len(sslPolicyIds) == 0 {
+		return
+	}
+	policyStringIds := []string{}
+	for _, policyId := range sslPolicyIds {
+		policyStringIds = append(policyStringIds, strconv.FormatInt(policyId, 10))
+	}
+	return this.Query(tx).
+		State(APINodeStateEnabled).
+		Where("(FIND_IN_SET(JSON_EXTRACT(https, '$.sslPolicyRef.sslPolicyId'), :policyIds) OR FIND_IN_SET(JSON_EXTRACT(restHTTPS, '$.sslPolicyRef.sslPolicyId'), :policyIds))").
+		Param("policyIds", strings.Join(policyStringIds, ",")).
+		Count()
+}
diff --git a/internal/db/models/ssl_policy_dao.go b/internal/db/models/ssl_policy_dao.go
index a2e8bbbf..94ec2b9b 100644
--- a/internal/db/models/ssl_policy_dao.go
+++ b/internal/db/models/ssl_policy_dao.go
@@ -9,7 +9,6 @@ import (
 	"github.com/iwind/TeaGo/dbs"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/types"
-	"strconv"
 )
 
 const (
@@ -181,8 +180,8 @@ func (this *SSLPolicyDAO) FindAllEnabledPolicyIdsWithCertId(tx *dbs.Tx, certId i
 	ones, err := this.Query(tx).
 		State(SSLPolicyStateEnabled).
 		ResultPk().
-		Where(`JSON_CONTAINS(certs, '{"certId": ` + strconv.FormatInt(certId, 10) + ` }')`).
-		Reuse(false). // 由于我们在JSON_CONTAINS()直接使用了变量，所以不能重用
+		Where("JSON_CONTAINS(certs, :certJSON)").
+		Param("certJSON", maps.Map{"certId": certId}.AsJSON()).
 		FindAll()
 	if err != nil {
 		return nil, err
diff --git a/internal/db/models/user_node_dao.go b/internal/db/models/user_node_dao.go
index f848c063..e97886da 100644
--- a/internal/db/models/user_node_dao.go
+++ b/internal/db/models/user_node_dao.go
@@ -12,6 +12,7 @@ import (
 	"github.com/iwind/TeaGo/rands"
 	"github.com/iwind/TeaGo/types"
 	"strconv"
+	"strings"
 )
 
 const (
@@ -282,3 +283,19 @@ func (this *UserNodeDAO) CountAllEnabledAndOnOfflineNodes(tx *dbs.Tx) (int64, er
 		Where("(status IS NULL OR JSON_EXTRACT(status, '$.updatedAt')<UNIX_TIMESTAMP()-60)").
 		Count()
 }
+
+// CountAllEnabledUserNodesWithSSLPolicyIds 计算使用SSL策略的所有用户节点数量
+func (this *UserNodeDAO) CountAllEnabledUserNodesWithSSLPolicyIds(tx *dbs.Tx, sslPolicyIds []int64) (count int64, err error) {
+	if len(sslPolicyIds) == 0 {
+		return
+	}
+	policyStringIds := []string{}
+	for _, policyId := range sslPolicyIds {
+		policyStringIds = append(policyStringIds, strconv.FormatInt(policyId, 10))
+	}
+	return this.Query(tx).
+		State(UserNodeStateEnabled).
+		Where("(FIND_IN_SET(JSON_EXTRACT(https, '$.sslPolicyRef.sslPolicyId'), :policyIds)) ").
+		Param("policyIds", strings.Join(policyStringIds, ",")).
+		Count()
+}
diff --git a/internal/rpc/services/service_api_node.go b/internal/rpc/services/service_api_node.go
index 077faaba..b969ea6f 100644
--- a/internal/rpc/services/service_api_node.go
+++ b/internal/rpc/services/service_api_node.go
@@ -230,3 +230,26 @@ func (this *APINodeService) FindCurrentAPINodeVersion(ctx context.Context, req *
 
 	return &pb.FindCurrentAPINodeVersionResponse{Version: teaconst.Version}, nil
 }
+
+// CountAllEnabledAPINodesWithSSLCertId 计算使用某个SSL证书的API节点数量
+func (this *APINodeService) CountAllEnabledAPINodesWithSSLCertId(ctx context.Context, req *pb.CountAllEnabledAPINodesWithSSLCertIdRequest) (*pb.RPCCountResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	policyIds, err := models.SharedSSLPolicyDAO.FindAllEnabledPolicyIdsWithCertId(tx, req.SslCertId)
+	if err != nil {
+		return nil, err
+	}
+	if len(policyIds) == 0 {
+		return this.SuccessCount(0)
+	}
+
+	count, err := models.SharedAPINodeDAO.CountAllEnabledAPINodesWithSSLPolicyIds(tx, policyIds)
+	if err != nil {
+		return nil, err
+	}
+	return this.SuccessCount(count)
+}
diff --git a/internal/rpc/services/service_user_node.go b/internal/rpc/services/service_user_node.go
index 0eee678b..a66e6b49 100644
--- a/internal/rpc/services/service_user_node.go
+++ b/internal/rpc/services/service_user_node.go
@@ -27,7 +27,7 @@ func (this *UserNodeService) CreateUserNode(ctx context.Context, req *pb.CreateU
 		return nil, err
 	}
 
-	return &pb.CreateUserNodeResponse{NodeId: nodeId}, nil
+	return &pb.CreateUserNodeResponse{UserNodeId: nodeId}, nil
 }
 
 // UpdateUserNode 修改用户节点
@@ -39,7 +39,7 @@ func (this *UserNodeService) UpdateUserNode(ctx context.Context, req *pb.UpdateU
 
 	tx := this.NullTx()
 
-	err = models.SharedUserNodeDAO.UpdateUserNode(tx, req.NodeId, req.Name, req.Description, req.HttpJSON, req.HttpsJSON, req.AccessAddrsJSON, req.IsOn)
+	err = models.SharedUserNodeDAO.UpdateUserNode(tx, req.UserNodeId, req.Name, req.Description, req.HttpJSON, req.HttpsJSON, req.AccessAddrsJSON, req.IsOn)
 	if err != nil {
 		return nil, err
 	}
@@ -56,7 +56,7 @@ func (this *UserNodeService) DeleteUserNode(ctx context.Context, req *pb.DeleteU
 
 	tx := this.NullTx()
 
-	err = models.SharedUserNodeDAO.DisableUserNode(tx, req.NodeId)
+	err = models.SharedUserNodeDAO.DisableUserNode(tx, req.UserNodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -99,7 +99,7 @@ func (this *UserNodeService) FindAllEnabledUserNodes(ctx context.Context, req *p
 		})
 	}
 
-	return &pb.FindAllEnabledUserNodesResponse{Nodes: result}, nil
+	return &pb.FindAllEnabledUserNodesResponse{UserNodes: result}, nil
 }
 
 // CountAllEnabledUserNodes 计算用户节点数量
@@ -155,7 +155,7 @@ func (this *UserNodeService) ListEnabledUserNodes(ctx context.Context, req *pb.L
 		})
 	}
 
-	return &pb.ListEnabledUserNodesResponse{Nodes: result}, nil
+	return &pb.ListEnabledUserNodesResponse{UserNodes: result}, nil
 }
 
 // FindEnabledUserNode 根据ID查找节点
@@ -167,13 +167,13 @@ func (this *UserNodeService) FindEnabledUserNode(ctx context.Context, req *pb.Fi
 
 	tx := this.NullTx()
 
-	node, err := models.SharedUserNodeDAO.FindEnabledUserNode(tx, req.NodeId)
+	node, err := models.SharedUserNodeDAO.FindEnabledUserNode(tx, req.UserNodeId)
 	if err != nil {
 		return nil, err
 	}
 
 	if node == nil {
-		return &pb.FindEnabledUserNodeResponse{Node: nil}, nil
+		return &pb.FindEnabledUserNodeResponse{UserNode: nil}, nil
 	}
 
 	accessAddrs, err := node.DecodeAccessAddrStrings()
@@ -193,7 +193,7 @@ func (this *UserNodeService) FindEnabledUserNode(ctx context.Context, req *pb.Fi
 		AccessAddrsJSON: []byte(node.AccessAddrs),
 		AccessAddrs:     accessAddrs,
 	}
-	return &pb.FindEnabledUserNodeResponse{Node: result}, nil
+	return &pb.FindEnabledUserNodeResponse{UserNode: result}, nil
 }
 
 // FindCurrentUserNode 获取当前用户节点的版本
@@ -220,7 +220,7 @@ func (this *UserNodeService) FindCurrentUserNode(ctx context.Context, req *pb.Fi
 	}
 
 	if node == nil {
-		return &pb.FindCurrentUserNodeResponse{Node: nil}, nil
+		return &pb.FindCurrentUserNodeResponse{UserNode: nil}, nil
 	}
 
 	accessAddrs, err := node.DecodeAccessAddrStrings()
@@ -240,7 +240,7 @@ func (this *UserNodeService) FindCurrentUserNode(ctx context.Context, req *pb.Fi
 		AccessAddrsJSON: []byte(node.AccessAddrs),
 		AccessAddrs:     accessAddrs,
 	}
-	return &pb.FindCurrentUserNodeResponse{Node: result}, nil
+	return &pb.FindCurrentUserNodeResponse{UserNode: result}, nil
 }
 
 // UpdateUserNodeStatus 更新节点状态
@@ -251,8 +251,8 @@ func (this *UserNodeService) UpdateUserNodeStatus(ctx context.Context, req *pb.U
 		return nil, err
 	}
 
-	if req.NodeId > 0 {
-		nodeId = req.NodeId
+	if req.UserNodeId > 0 {
+		nodeId = req.UserNodeId
 	}
 
 	if nodeId <= 0 {
@@ -267,3 +267,26 @@ func (this *UserNodeService) UpdateUserNodeStatus(ctx context.Context, req *pb.U
 	}
 	return this.Success()
 }
+
+// CountAllEnabledUserNodesWithSSLCertId 计算使用某个SSL证书的用户节点数量
+func (this *UserNodeService) CountAllEnabledUserNodesWithSSLCertId(ctx context.Context, req *pb.CountAllEnabledUserNodesWithSSLCertIdRequest) (*pb.RPCCountResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	policyIds, err := models.SharedSSLPolicyDAO.FindAllEnabledPolicyIdsWithCertId(tx, req.SslCertId)
+	if err != nil {
+		return nil, err
+	}
+	if len(policyIds) == 0 {
+		return this.SuccessCount(0)
+	}
+
+	count, err := models.SharedUserNodeDAO.CountAllEnabledUserNodesWithSSLPolicyIds(tx, policyIds)
+	if err != nil {
+		return nil, err
+	}
+	return this.SuccessCount(count)
+}