XrayR 无法获取证书是什么情况，谢谢

用的一件脚本麻烦看下谢谢

请输入选择 [0-13]: 8 -- Logs begin at 日 2022-08-07 18:49:20 CST. -- 8月 07 18:54:32 c11-v2 systemd[1]: Started XrayR Service. 8月 07 18:54:32 c11-v2 XrayR[5424]: XrayR 0.8.1 (A Xray backend that supports many panels) 8月 07 18:54:32 c11-v2 XrayR[5424]: 2022/08/07 18:54:32 Start the panel.. 8月 07 18:54:32 c11-v2 XrayR[5424]: 2022/08/07 18:54:32 Xray Core Version: 1.5.9 8月 07 18:54:32 c11-v2 XrayR[5424]: 2022/08/07 18:54:32 No key found for account [email protected]. Generating a P256 key. 8月 07 18:54:32 c11-v2 XrayR[5424]: 2022/08/07 18:54:32 Saved key to /etc/XrayR/cert/accounts/acme-v02.api.letsencrypt.org/[email protected]/keys/[email protected] 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] acme: Registering account for [email protected] 8月 07 18:54:33 c11-v2 XrayR[5424]: !!!! HEADS UP !!!! 8月 07 18:54:33 c11-v2 XrayR[5424]: Your account credentials have been saved in your Let's Encrypt 8月 07 18:54:33 c11-v2 XrayR[5424]: configuration directory at "/etc/XrayR/cert/accounts". 8月 07 18:54:33 c11-v2 XrayR[5424]: You should make a secure backup of this folder now. This 8月 07 18:54:33 c11-v2 XrayR[5424]: configuration directory will also contain certificates and 8月 07 18:54:33 c11-v2 XrayR[5424]: private keys obtained from Let's Encrypt so making regular 8月 07 18:54:33 c11-v2 XrayR[5424]: backups of this folder is ideal. 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: Obtaining bundled SAN certificate 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/139327755396 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: Could not find solver for: tls-alpn-01 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: Could not find solver for: http-01 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: use dns-01 solver 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: Preparing to solve DNS-01 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] cloudflare: new record for c1.5xxxxx.xyz, ID b40d92837d7a6db325c32d712dbe795d 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: Trying to solve DNS-01 8月 07 18:54:33 c11-v2 XrayR[5424]: 2022/08/07 18:54:33 [INFO] [c1.5xxxxx.xyz] acme: Checking DNS record propagation using [8.8.8.8:53 8.8.4.4:53] 8月 07 18:54:35 c11-v2 XrayR[5424]: 2022/08/07 18:54:35 [INFO] Wait for propagation [timeout: 2m0s, interval: 2s] 8月 07 18:54:45 c11-v2 XrayR[5424]: 2022/08/07 18:54:45 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:54:57 c11-v2 XrayR[5424]: 2022/08/07 18:54:57 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:55:09 c11-v2 XrayR[5424]: 2022/08/07 18:55:09 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:55:21 c11-v2 XrayR[5424]: 2022/08/07 18:55:21 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:55:33 c11-v2 XrayR[5424]: 2022/08/07 18:55:33 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:55:45 c11-v2 XrayR[5424]: 2022/08/07 18:55:45 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:55:57 c11-v2 XrayR[5424]: 2022/08/07 18:55:57 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:56:09 c11-v2 XrayR[5424]: 2022/08/07 18:56:09 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:56:21 c11-v2 XrayR[5424]: 2022/08/07 18:56:21 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:56:33 c11-v2 XrayR[5424]: 2022/08/07 18:56:33 [INFO] [c1.5xxxxx.xyz] acme: Waiting for DNS record propagation. 8月 07 18:56:35 c11-v2 XrayR[5424]: 2022/08/07 18:56:35 [INFO] [c1.5xxxxx.xyz] acme: Cleaning DNS-01 challenge 8月 07 18:56:36 c11-v2 XrayR[5424]: 2022/08/07 18:56:36 [INFO] retry due to: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/authz-v3/139327755396 :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: "0002VJ5Exa3hGCg9ClonshIax5CbxNa0Y5HSup9REiui80w" 8月 07 18:56:36 c11-v2 XrayR[5424]: 2022/08/07 18:56:36 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/139327755396 8月 07 18:56:36 c11-v2 XrayR[5424]: 2022/08/07 18:56:36 Could not obtain certificates: 8月 07 18:56:36 c11-v2 XrayR[5424]: error: one or more domains had a problem: 8月 07 18:56:36 c11-v2 XrayR[5424]: [c1.5xxxxx.xyz] time limit exceeded: last error: read udp [2607:f130:0:151:216:3eff:fe2d:8f76]:57894->[2606:4700:50::adf5:3a56]:53: i/o timeout 8月 07 18:56:36 c11-v2 XrayR[5424]: 2022/08/07 18:56:36 Could not obtain certificates: 8月 07 18:56:36 c11-v2 XrayR[5424]: error: one or more domains had a problem: 8月 07 18:56:36 c11-v2 XrayR[5424]: [c1.5xxxxx.xyz] time limit exceeded: last error: read udp [2607:f130:0:151:216:3eff:fe2d:8f76]:57894->[2606:4700:50::adf5:3a56]:53: i/o timeout 8月 07 18:56:36 c11-v2 XrayR[5424]: panic: Could not obtain certificates: 8月 07 18:56:36 c11-v2 XrayR[5424]: error: one or more domains had a problem: 8月 07 18:56:36 c11-v2 XrayR[5424]: [c1.5xxxxx.xyz] time limit exceeded: last error: read udp [2607:f130:0:151:216:3eff:fe2d:8f76]:57894->[2606:4700:50::adf5:3a56]:53: i/o timeout 8月 07 18:56:36 c11-v2 XrayR[5424]: goroutine 1 [running]: 8月 07 18:56:36 c11-v2 XrayR[5424]: log.Panic({0xc00054fd48?, 0xc000220a90?, 0xc00086fd78?}) 8月 07 18:56:36 c11-v2 XrayR[5424]: log/log.go:385 +0x65 8月 07 18:56:36 c11-v2 XrayR[5424]: github.com/XrayR-project/XrayR/service/controller.(*Controller).Start(0xc000220820) 8月 07 18:56:36 c11-v2 XrayR[5424]: github.com/XrayR-project/XrayR/service/controller/controller.go:68 +0x256 8月 07 18:56:36 c11-v2 XrayR[5424]: github.com/XrayR-project/XrayR/panel.(*Panel).Start(0xc000039e00) 8月 07 18:56:36 c11-v2 XrayR[5424]: github.com/XrayR-project/XrayR/panel/panel.go:192 +0x4fa 8月 07 18:56:36 c11-v2 XrayR[5424]: main.main() 8月 07 18:56:36 c11-v2 XrayR[5424]: github.com/XrayR-project/XrayR/main/main.go:92 +0x1ed 8月 07 18:56:36 c11-v2 systemd[1]: XrayR.service: main process exited, code=exited, status=2/INVALIDARGUMENT 8月 07 18:56:36 c11-v2 systemd[1]: Unit XrayR.service entered failed state. 8月 07 18:56:36 c11-v2 systemd[1]: XrayR.service failed. 8月 07 18:56:46 c11-v2 systemd[1]: XrayR.service holdoff time over, scheduling restart. 8月 07 18:56:46 c11-v2 systemd[1]: Stopped XrayR Service. 8月 07 18:56:46 c11-v2 systemd[1]: Started XrayR Service. 8月 07 18:56:46 c11-v2 XrayR[6980]: XrayR 0.8.1 (A Xray backend that supports many panels) 8月 07 18:56:46 c11-v2 XrayR[6980]: 2022/08/07 18:56:46 Start the panel..

Aug 07 '22 10:08 cumtsd

下面是配置文件

##基础配置

#日志配置 Log: Level: none #日志显示级别，none为不显示: none, error, warning, info, debug AccessPath: /etc/XrayR/access.Log # Access日志的保存路径 ErrorPath: /etc/XrayR/error.log #Error日志的保存路径 DnsConfigPath: /etc/XrayR/dns.json #自定义DNS配置文件的路径 RouteConfigPath: /etc/XrayR/route.json #指定路由配置文件文件路径 InboundConfigPath: /etc/XrayR/custom_inbound.json #自定义入口配置文件的路径 OutboundConfigPath: /etc/XrayR/custom_outbound.json #自定义出口配置文件的路径

#连接控制 ConnetionConfig: Handshake: 4 # 连接建立时的握手时间限制 ConnIdle: 30 # 连接空闲的时间限制 UplinkOnly: 0 # 当连接下行线路关闭后的时间限制 DownlinkOnly: 0 # 当连接上行线路关闭后的时间限制 BufferSize: 6400 # 每个连接的内部缓存大小。单位为 kB

##节点配置
Nodes:

PanelType: "V2board" #对接前端面板类型:SSpanel,V2board,PMpanel, Proxypanel

#面板对接配置 ApiConfig: ApiHost: "https://sxxxxx.com" #对接前端面板地址 ApiKey: "xxxxxxx" #前端对接通讯秘钥 NodeID: 11 #节点ID NodeType: V2ray #节点类型: V2ray, Shadowsocks, Trojan, Shadowsocks-Plugin Timeout: 5 # 设定单次访问API超时时间，默认5秒 EnableVless: false #是否启用Vless协议：true,false EnableXTLS: false #是否使用XTLS：true,false SpeedLimit: 0 #本地限速设置，0为不启用 DeviceLimit: 3 #本地设备限制，0为不启用 RuleListPath: /etc/XrayR/rulelist #本地规则设置 DisableCustomConfig: false #是否启用custom_config：true,false #后端相关配置 ControllerConfig: ListenIP: 0.0.0.0 # 监听的IP地址 SendIP: 0.0.0.0 # 用于发送数据的 IP 地址 UpdatePeriodic: 10 # 从前端更新节点、用户信息和上报用户使用信息的间隔 EnableDNS: true # 是否为当前节点启用自定义DNS：true,false DNSType: UseIPv4 # DNS解析类型：AsIs（使用系统DNS）,UseIP,UseIPv4,UseIPv6 DisableUploadTraffic: false #是否禁止上传节点流量：false, true DisableGetRule: false #是否禁止获取远程规则：false, true DisableIVCheck: false #是否关闭Shadowsocks用于防止重放攻击的布隆过滤器：false, true DisableSniffing: false #是否关闭domain sniffing：false, true EnableProxyProtocol: false # 是否为当前节点启用ProxyProtocol获取中转IP：false, true EnableFallback: false # 是否为当前节点启用Fallback：false, true FallBackConfigs: # Fallback 相关配置 - SNI: # TLS SNI(Server Name Indication), Empty for any Path: # HTTP PATH, Empty for any Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/features/fallback.html for details. ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for dsable #证书申请相关配置
CertConfig: CertMode: dns # 获取证书的方式:file:手动提供，并制定路径。http：通过http申请，需要80端口。dns：使用dns模式申请，需要制定相关dns服务商配置。none：强制关闭tls设置，交由nginx或者caddy处理。 CertDomain: "c1.5xxxxx.xyz" # 申请证书域名 CertFile: ./cert/node1.test.com.cert # 手动指定的证书路径 KeyFile: ./cert/node1.test.com.cert #手动指定的私钥路径 Provider: cloudflare #dns提供商 Email: [email protected] DNSEnv: # DNS ENV option used by DNS provider CLOUDFLARE_EMAIL: [email protected] CLOUDFLARE_API_KEY: e5xxxxxxxxc52b7fd010fa13dfd815123a

Aug 07 '22 11:08 cumtsd

哎，还是解决不了，头疼

Aug 29 '22 01:08 cumtsd

无法获取证书的情况是DNS解析不了你的落地机域名。解决办法很简单，把XrayR的config配置文件中的CertMode: dns 改成 CertMode: http 就可以了。原理是获取证书的方式不通过DNS解析域名。

Sep 22 '22 04:09 BurnabyMan

This issue is stale because it has been open for 30 days with no activity.

Oct 23 '22 03:10 github-actions[bot]

无法获取证书的情况是DNS解析不了你的落地机域名。解决办法很简单，把XrayR的config配置文件中的CertMode: dns 改成 CertMode: http 就可以了。原理是获取证书的方式不通过DNS解析域名。

这样确实可以了，但是只有Google用不了了

Oct 24 '22 07:10 cumtsd

无法获取证书的情况是DNS解析不了你的落地机域名。解决办法很简单，把XrayR的config配置文件中的CertMode: dns 改成 CertMode: http 就可以了。原理是获取证书的方式不通过DNS解析域名。

这样确实可以了，但是只有Google用不了了

这没事，对接上了以后你再把CertMode改回去dns

Oct 24 '22 14:10 BurnabyMan

This issue is stale because it has been open for 30 days with no activity.

Nov 25 '22 02:11 github-actions[bot]

U can use acme.sh instead, I got same error xrayr version 0.9.0 :

apt install acme -y
CF_Key="YOURCFKEY" CF_Email="YOURCFEMAIL" acme.sh --issue --dns dns_cf -d yourvps.baidu.com

and config

.... 
CertMode: file # 获取证书的方式:file:手动提供，并制定路径。http：通过http申请，需要80端口。dns：使用dns模式申请，需要制定相关dns服务商配置。none：强制关闭tls设置，交由nginx或者caddy处理。
CertDomain: "yourvps.baidu.com" # 申请证书域名
CertFile: /root/.acme.sh/yourvps.baidu.com/yourvps.baidu.com.cer # 手动指定的证书路径
KeyFile: /root/.acme.sh/yourvps.baidu.com/yourvps.baidu.com.key #手动指定的私钥路径
...

May 27 '23 01:05 tanpengsccd

无法获取证书的情况是DNS解析不了你的落地机域名。解决办法很简单，把XrayR的config配置文件中的CertMode: dns 改成 CertMode: http 就可以了。原理是获取证书的方式不通过DNS解析域名。

亲测有效，已解决！谢谢！

Jun 05 '23 16:06 Annihilater

无法获取证书的情况是DNS解析不了你的落地机域名。解决办法很简单，把XrayR的config配置文件中的CertMode: dns 改成 CertMode: http 就可以了。原理是获取证书的方式不通过DNS解析域名。

亲测有效，感谢大屌

Sep 20 '23 17:09 bhzy888

XrayR XrayR copied to clipboard

无法获取证书是什么情况，谢谢

##节点配置 Nodes:

XrayR
XrayR copied to clipboard

##节点配置
Nodes: