
v2ray and caddy run normally, but caddy's log keeps showing errors

Open Facico opened this issue 1 year ago • 1 comments

v2ray status shows everything running normally: "V2Ray 状态: 正在运行 / Caddy 状态: 正在运行". systemctl status caddy also shows that caddy is running, but the log below systemctl status caddy looks like this:

Aug 10 09:40:57 vultr caddy[26264]: {"level":"info","ts":1660095657.568493,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hx.facico.top","challenge_type":"http-01","ca":"https://acme-staging-v02.api.letsencrypt.org/dire
Aug 10 09:41:07 vultr caddy[26264]: {"level":"error","ts":1660095667.8770547,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hx.facico.top","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","tit
Aug 10 09:41:07 vultr caddy[26264]: {"level":"error","ts":1660095667.8778358,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hx.facico.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45
Aug 10 09:41:08 vultr caddy[26264]: {"level":"info","ts":1660095668.947944,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hx.facico.top","challenge_type":"tls-alpn-01","ca":"https://acme-staging-v02.api.letsencrypt.org/
Aug 10 09:41:19 vultr caddy[26264]: {"level":"error","ts":1660095679.2556038,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hx.facico.top","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:connection",
Aug 10 09:41:19 vultr caddy[26264]: {"level":"error","ts":1660095679.2562907,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hx.facico.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45
Aug 10 09:41:19 vultr caddy[26264]: {"level":"error","ts":1660095679.2566023,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"hx.facico.top","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acm
Aug 10 09:41:19 vultr caddy[26264]: {"level":"warn","ts":1660095679.2570214,"logger":"tls.issuance.zerossl","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Aug 10 09:41:20 vultr caddy[26264]: {"level":"info","ts":1660095680.234611,"logger":"tls.issuance.zerossl","msg":"generated EAB credentials","key_id":"YzxZPKm1jsXnI5zpLn1T3Q"}
Aug 10 09:41:52 vultr caddy[26264]: {"level":"info","ts":1660095712.3051085,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hx.facico.top","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}

These errors keep repeating in between: challenge failed, validating authorization, could not get certificate from issuer

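  • For lack of relevant material I don't know how to solve this. At first I thought the certificate had been requested too many times, but I waited a week and ran it again and it is still the same.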

The configuration used is websocket+tls (option 4) + website camouflage

Facico avatar Aug 10 '22 01:08 Facico

Are your ports 80 and 443 both open? Is any other program on the system occupying the ports? For example, is apache occupying 80?

crazypeace avatar Aug 11 '22 15:08 crazypeace

@crazypeace The log above was too long, so it was not captured in full. The complete error part looks like this:

Aug 12 03:14:51 vultr caddy[4375]: {"level":"error","ts":1660245291.5874836,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hxnb.facico.top","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45.76.77.190: Fetching http://hxnb.facico.top/.well-known/acme-challenge/72A3Mhtk_RrS5IHwRTqncJEqZVfQi8HBYduDMsVGZAA: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]}}
Aug 12 03:14:51 vultr caddy[4375]: {"level":"error","ts":1660245291.5884125,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hxnb.facico.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45.76.77.190: Fetching http://hxnb.facico.top/.well-known/acme-challenge/72A3Mhtk_RrS5IHwRTqncJEqZVfQi8HBYduDMsVGZAA: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]},"order":"https://acme-staging-v02
Aug 12 03:14:51 vultr caddy[4375]: {"level":"error","ts":1660245291.5888164,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"hxnb.facico.top","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:connection - 45.76.77.190: Fetching http://hxnb.facico.top/.well-known/acme-challenge/72A3Mhtk_RrS5IHwRTqncJEqZVfQi8HBYduDMsVGZAA: Timeout during connect (likely firewall problem)"}

Ports 80 and 443 look like they are working without problems

root@vultr:~# netstat -tulpn | grep caddy
tcp        0      0 127.0.0.1:2019          0.0.0.0:*               LISTEN      4375/caddy     
tcp6       0      0 :::80                   :::*                    LISTEN      4375/caddy          
tcp6       0      0 :::443                  :::*                    LISTEN      4375/caddy  

The machine is from vultr, and the firewall is not enabled by default

I tried 233's version and this crazypeace version; neither works, both give this error

Facico avatar Aug 12 '22 01:08 Facico

Can you test from outside whether your ports 80 and 443 are reachable? ping.pe

Try this to open the firewall

sudo ufw allow 80
sudo ufw allow 443

crazypeace avatar Aug 12 '22 01:08 crazypeace

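Oh, thanks, that was indeed the problem. I saw that the vultr firewall configuration had no rules and assumed everything was open (I never ran into this kind of problem when setting up nginx before)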

Facico avatar Aug 12 '22 01:08 Facico
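
The failure diagnosed in this thread, as an added example that is not part of the original posts or of the project's code: a small Python parser that reads journald-prefixed Caddy log lines, tolerates lines cut off mid-JSON (as in the first post), and reports which inbound port each failed ACME challenge needed. The sample log, hostname, address and token are constructed placeholders, and the function names are hypothetical.

```python
import json

# Constructed sample in the shape of the log lines quoted in the thread
# (hostname, address and token are placeholders). The last line is cut off
# mid-JSON, the way `systemctl status` truncates long lines.
SAMPLE = """\
Aug 12 03:14:51 host caddy[4375]: {"level":"error","ts":1660245291.58,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"example.test","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","detail":"203.0.113.10: Fetching http://example.test/.well-known/acme-challenge/TOKEN: Timeout during connect (likely firewall problem)"}}
Aug 12 03:15:02 host caddy[4375]: {"level":"error","ts":1660245302.25,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"example.test","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:connection","detail":"203.0.113.10: Timeout during connect (likely firewall problem)"}}
Aug 12 03:15:02 host caddy[4375]: {"level":"error","ts":1660245302.26,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"example.test","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"203
"""

# Port the CA connects to for each challenge type (http-01: 80, tls-alpn-01: 443).
PORT_FOR = {"http-01": 80, "tls-alpn-01": 443}

def acme_failures(text):
    """Return (failures, truncated_count) from journald-prefixed Caddy JSON logs."""
    failures, truncated = [], 0
    for line in text.splitlines():
        start = line.find("{")
        if start < 0:
            continue  # bare journald prefix with no JSON payload
        try:
            entry = json.loads(line[start:])
        except json.JSONDecodeError:
            truncated += 1  # cut-off line: the "detail" text is lost
            continue
        if entry.get("msg") != "challenge failed":
            continue
        problem = entry.get("problem", {})
        challenge = entry.get("challenge_type")
        failures.append({
            "identifier": entry.get("identifier"),
            "challenge": challenge,
            "port": PORT_FOR.get(challenge),
            "type": problem.get("type", "").rsplit(":", 1)[-1],
            "inbound_blocked": "Timeout during connect" in problem.get("detail", ""),
        })
    return failures, truncated

def blocked_ports(failures):
    """Ports on which the CA's validation connection timed out."""
    return sorted({f["port"] for f in failures if f["inbound_blocked"] and f["port"]})

if __name__ == "__main__":
    found, cut = acme_failures(SAMPLE)
    print("blocked inbound ports:", blocked_ports(found), "| truncated lines:", cut)
```

A non-zero truncated count means the log was read in a width-limited view and the `detail` field should be re-read untruncated before drawing conclusions.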