v2ray
v2ray copied to clipboard
v2ray和caddy能正常运行,但是caddy的log一直有error
v2ray status 显示正常运行:V2Ray 状态: 正在运行 / Caddy 状态: 正在运行 systemctl status caddy也显示caddy正在运行,但是systemctl status caddy下面的log是这样的:
Aug 10 09:40:57 vultr caddy[26264]: {"level":"info","ts":1660095657.568493,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hx.facico.top","challenge_type":"http-01","ca":"https://acme-staging-v02.api.letsencrypt.org/dire
Aug 10 09:41:07 vultr caddy[26264]:
{"level":"error","ts":1660095667.8770547,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hx.facico.top","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","tit
Aug 10 09:41:07 vultr caddy[26264]:
{"level":"error","ts":1660095667.8778358,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hx.facico.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45
Aug 10 09:41:08 vultr caddy[26264]:
{"level":"info","ts":1660095668.947944,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hx.facico.top","challenge_type":"tls-alpn-01","ca":"https://acme-staging-v02.api.letsencrypt.org/
Aug 10 09:41:19 vultr caddy[26264]:
{"level":"error","ts":1660095679.2556038,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hx.facico.top","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:connection",
Aug 10 09:41:19 vultr caddy[26264]:
{"level":"error","ts":1660095679.2562907,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hx.facico.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45
Aug 10 09:41:19 vultr caddy[26264]:
{"level":"error","ts":1660095679.2566023,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"hx.facico.top","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acm
Aug 10 09:41:19 vultr caddy[26264]:
{"level":"warn","ts":1660095679.2570214,"logger":"tls.issuance.zerossl","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Aug 10 09:41:20 vultr caddy[26264]:
{"level":"info","ts":1660095680.234611,"logger":"tls.issuance.zerossl","msg":"generated EAB credentials","key_id":"YzxZPKm1jsXnI5zpLn1T3Q"}
Aug 10 09:41:52 vultr caddy[26264]:
{"level":"info","ts":1660095712.3051085,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hx.facico.top","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
中间一直重复出现这几个error:challenge failed、validating authorization、could not get certificate from issuer
- 由于缺乏相关的资料我也不知道该怎么解决,一开始以为是证书申请太多次了,然后隔了一周又跑了一遍还是这样
配置是用的websocket+tls(选项4)+网页伪装
你的80 端口 443 端口都是开着的吗? 系统里有没有其它程序占用了端口? 比如,apache占用了80?
@crazypeace 上面log因为太长了,没截全,error部分完整是这样的
Aug 12 03:14:51 vultr caddy[4375]: {"level":"error","ts":1660245291.5874836,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hxnb.facico.top","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45.76.77.190: Fetching http://hxnb.facico.top/.well-known/acme-challenge/72A3Mhtk_RrS5IHwRTqncJEqZVfQi8HBYduDMsVGZAA: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]}}
Aug 12 03:14:51 vultr caddy[4375]:
{"level":"error","ts":1660245291.5884125,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hxnb.facico.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"45.76.77.190: Fetching http://hxnb.facico.top/.well-known/acme-challenge/72A3Mhtk_RrS5IHwRTqncJEqZVfQi8HBYduDMsVGZAA: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]},"order":"https://acme-staging-v02
Aug 12 03:14:51 vultr caddy[4375]:
{"level":"error","ts":1660245291.5888164,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"hxnb.facico.top","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:connection - 45.76.77.190: Fetching http://hxnb.facico.top/.well-known/acme-challenge/72A3Mhtk_RrS5IHwRTqncJEqZVfQi8HBYduDMsVGZAA: Timeout during connect (likely firewall problem)"}
80和443端口工作看起来没有问题
root@vultr:~# netstat -tulpn | grep caddy
tcp 0 0 127.0.0.1:2019 0.0.0.0:* LISTEN 4375/caddy
tcp6 0 0 :::80 :::* LISTEN 4375/caddy
tcp6 0 0 :::443 :::* LISTEN 4375/caddy
用的机子是vultr的,默认没开防火墙
试过233的版本和这个crazypeace的版本,都不行,都是这个错误
你从外部测试一下你的 80 443 端口通不通? ping.pe
开放防火墙用这个试试
sudo ufw allow 80
sudo ufw allow 443
噢,感谢,确实是这个问题,我看vultr防火墙配置规则没有东西以为是都开放了(之前配nginx的时候都没遇到这种问题)