Closed ycsks closed 3 months ago
clients处新增一段{id,flow},记得前面的要加“,”
能将修改好的配置发一下吗
@ycsks 来project X tg群伸手,大量客服。
"clients": [
{
"id": "08c82043-14e5-4ed8-be15-8c956cd89b0c", //替换为你的uuid
"flow": "xtls-rprx-vision" //流控
},
{
"id": "22222222222222222", //替换为你的uuid
"flow": "xtls-rprx-vision" //流控
}
],
就是复制一次clients 里的东西,别忘了逗号
试了不行,,域名相同可以连接,等于多了一个UUID, 用第二个绑定的域名则无法连接
以我浅薄的理解,"certificates"一段 是你其中的一个域名的证书,tls加密需要这个域名的证书。也许你需要用另一个端口,重新配置一套入站,这样需要另一个入口。但是端口不在443也许不是个好主意。 这样还不行我就没办法啦
多个id就是换了个uuid,确实不对。
"port": 460, //端口
"protocol": "vless", //协议类型
"settings": {
"clients": [
{
"id": "08c82043-14e5-4ed8-be15-8c956cd89b0c", //替换为你的uuid
"flow": "xtls-rprx-vision" //流控
}
],
"decryption": "none",
"fallbacks": [
{
"dest": 10010, //Trojan协议的分流端口
"xver": 1
},
{
"path": "/vlessws", //vless+ws的分流路径
"dest": 10011, //分流端口
"xver": 1
},
{
"path": "/vmessws", //vmess+ws的分流路径
"dest": 10012, //分流端口
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"rejectUnknownSni": true, //服务端接收到的 SNI 与证书域名不匹配即拒绝 TLS 握手
"fingerprint": "chrome", //TLS指纹伪装,伪装为chrome浏览器指纹
"allowInsecure": false, //不允许不安全连接(仅用于客户端)
"alpn": [
"http/1.1",
"h2"
],
"certificates": [
{
"ocspStapling": 3600, //OCSP 装订更新,与证书热重载的时间间隔
"certificateFile": "证书2", //证书位置,绝对路径
"keyFile": "私钥2" //私钥位置,绝对路径
}
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
},
无法连接,有没其他办法
Set nginx as fronter, then listen different server names.
Mar 10, 2023 19:11:39 9零 @.***>:
无法连接,有没其他办法
— Reply to this email directly, view it on GitHub[https://github.com/XTLS/Xray-core/issues/1763#issuecomment-1463649866], or unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYF3DKB5PDZC3J2ZOGLW3MD6VANCNFSM6AAAAAAVVUIS2M]. You are receiving this because you are subscribed to this thread.[Tracking image][https://github.com/notifications/beacon/AKGBAYHZ3XCGGXUUINHHLXTW3MD6VA5CNFSM6AAAAAAVVUIS2OWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSXHWDEU.gif]
发配置文件吧,拜托托
Request beyond basic using need your efforts to run it out.
Mar 10, 2023 19:16:36 9零 @.***>:
发配置文件吧,拜托托
— Reply to this email directly, view it on GitHub[https://github.com/XTLS/Xray-core/issues/1763#issuecomment-1463655996], or unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYB7HP62F2AMJ2NBNDDW3MERJANCNFSM6AAAAAAVVUIS2M]. You are receiving this because you commented.[Tracking image][https://github.com/notifications/beacon/AKGBAYHVIZCD5GA7YTB5ZWLW3MERJA5CNFSM6AAAAAAVVUIS2OWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSXHWPDY.gif]
谁能修改那两个配置文件,实现双域名啊
这不很简单吗,证书那里是个数组,可以写多个域名对应的证书
能发个代码吗,试了很多次,不知道该怎么改
多用户加ID就好了,不用加域名,你域名多了,跟证书就对不上了,自然连不上
"clients": [ { "id": "08c82043-14e5-4ed8-be15-8c956cd89b0c", //替换为你的uuid "flow": "xtls-rprx-vision" //流控 }, { "id": "22222222222222222", //替换为你的uuid "flow": "xtls-rprx-vision" //流控 } ],
就是复制一次clients 里的东西,别忘了逗号
加上这个试试?
"certificates": [
{
"ocspStapling": 3600, //OCSP 装订更新,与证书热重载的时间间隔
"certificateFile": "/etc/ssl/private/cert.crt", //证书位置,绝对路径
"keyFile": "/etc/ssl/private/private.key" //私钥位置,绝对路径
},
{
"ocspStapling": 3600, //OCSP 装订更新,与证书热重载的时间间隔
"certificateFile": "/etc/ssl/private/cert2.crt", //证书2位置,绝对路径
"keyFile": "/etc/ssl/private/private2.key" //私钥2位置,绝对路径
}
]
成了,真是标点符号按错都不行,看不懂代码只能摸黑
那是证书的问题,要么用通配符证书,要么第二个域名忽略证书安全性校验就可以。
这种只能通过 nginx SNI 在最前面监听443分流 具体可以看 这个 选23安装 https://github.com/jinwyp/one_click_script/blob/master/README2_CN.md
============================================config.json {
} ============================================nginx.conf user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf;
events { worker_connections 768; }
http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65;
}