search

wulabing / Xray_onekey

Xray 基于 Nginx 的 VLESS + XTLS 一键安装脚本
MIT License
9.27k stars 3.64k forks source link

SSL 证书生成失败 #447

Closed hotzwd closed 1 year ago

hotzwd commented 1 year ago

感谢你向 Xray_onekey 提交 issue!

在提交之前,请确认:

请注意,如果你没有遵照此 Issue Template 填写内容,我们将看心情关闭这个 issue。

服务运行情况

Redirecting to /bin/systemctl status xray.service ● xray.service - Xray Service Loaded: loaded (/etc/systemd/system/xray.service; enabled; vendor preset: disabled) Drop-In: /etc/systemd/system/xray.service.d └─10-donot_touch_single_conf.conf Active: active (running) since Wed 2023-02-22 03:39:06 UTC; 3min 33s ago Docs: https://github.com/xtls Main PID: 5193 (xray) CGroup: /system.slice/xray.service └─5193 /usr/local/bin/xray run -config /usr/local/etc/xray/config.json

在此处粘贴输出内容

请运行命令 service nginx status 并粘贴输出:

在此处粘贴输出内容

环境 Environment

说明 Description

在此处粘贴说明内容

重现问题的具体步骤

  1. ...
  2. ...
  3. ...

我预期会发生……?

实际上发生了什么?

可能的解决方案 Possible Solution

更多信息 More Information

Hins888 commented 1 year ago

服务运行情况

● xray.service - Xray Service xray.service - Xray Service Loaded: loaded (/etc/systemd/system/xray.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/xray.service.d └─10-donot_touch_single_conf.conf Active: active (running) since Tue 2023-02-28 00:59:54 CST; 7min ago Docs: https://github.com/xtls Main PID: 198087 (xray) Tasks: 9 (limit: 28701) Memory: 4.1M CPU: 96ms CGroup: /system.slice/xray.service └─198087 /usr/local/bin/xray run -config /usr/local/etc/xray/config.json

Feb 28 00:59:54 instance-20220619 systemd[1]: Started Xray Service. Feb 28 00:59:54 instance-20220619 xray[198087]: Xray 1.7.5 (Xray, Penetrates Everything.) Custom (go1.20 linux/arm64) Feb 28 00:59:54 instance-20220619 xray[198087]: A unified platform for anti-censorship. Feb 28 00:59:54 instance-20220619 xray[198087]: 2023/02/28 00:59:54 [Info] infra/conf/serial: Reading config: /usr/local/etc/xray/config.json

请运行命令 service nginx status 并粘贴输出:

nginx.service - nginx - high performance web server Loaded: loaded (/lib/systemd/system/nginx.service; disabled; vendor preset: enabled) Active: active (running) since Tue 2023-02-28 00:59:53 CST; 9min ago Docs: https://nginx.org/en/docs/ Process: 198078 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS) Main PID: 198079 (nginx) Tasks: 5 (limit: 28701) Memory: 3.9M CPU: 23ms CGroup: /system.slice/nginx.service ├─198079 "nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf" ├─198080 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ├─198081 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ├─198082 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" └─198083 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""

Feb 28 00:59:53 instance-20220619 systemd[1]: Starting nginx - high performance web server... Feb 28 00:59:53 instance-20220619 systemd[1]: Started nginx - high performance web server.

环境 Environment oracle cloud, ubuntu 刚刚更新 不是全新安装,有安装X-UI,ACME,之前用的网络跳跃脚本装的XRAY,卸载后用你的脚本安装,但是无法生成证书

重现问题的具体步骤

[OK] 当前版本为最新版本 [OK] 您可以通过 bash install.sh 执行本程序 Xray 安装管理脚本 [0.2.2] ---authored by wulabing--- https://github.com/wulabing

当前已安装版本:ws —————————————— 安装向导 ——————————————

  1. 升级 脚本
  2. 安装 Xray (VLESS + TCP + TLS + Nginx + WebSocket) —————————————— 配置变更 ——————————————
  3. 变更 UUID
  4. 变更 连接端口
  5. 变更 WebSocket PATH —————————————— 查看信息 ——————————————
  6. 查看 实时访问日志
  7. 查看 实时错误日志
  8. 查看 Xray 配置链接 —————————————— 其他选项 ——————————————
  9. 安装 4 合 1 BBR、锐速安装脚本
  10. 安装 MTproxy(不推荐使用,请相关用户关闭或卸载)
  11. 卸载 Xray
  12. 更新 Xray-core
  13. 安装 Xray-core 测试版(Pre)
  14. 手动更新SSL证书
  15. 退出 请输入数字:36 [Tue Feb 28 00:59:37 CST 2023] ===Starting cron=== [Tue Feb 28 00:59:37 CST 2023] Renew: 'hins007.xyz' [Tue Feb 28 00:59:37 CST 2023] Renew to Le_API=https://acme.zerossl.com/v2/DV90 [Tue Feb 28 00:59:37 CST 2023] Skip invalid cert for: hins007.xyz [Tue Feb 28 00:59:38 CST 2023] Skipped hins007.xyz [Tue Feb 28 00:59:38 CST 2023] Renew: 'hins007.xyz' [Tue Feb 28 00:59:38 CST 2023] Renew to Le_API=https://acme.zerossl.com/v2/DV90 [Tue Feb 28 00:59:39 CST 2023] Using CA: https://acme.zerossl.com/v2/DV90 [Tue Feb 28 00:59:39 CST 2023] Multi domain='DNS:hins007.xyz,DNS:www.hins007.xyz ' [Tue Feb 28 00:59:39 CST 2023] Getting domain auth token for each domain [Tue Feb 28 00:59:47 CST 2023] Getting webroot for domain='hins007.xyz' [Tue Feb 28 00:59:47 CST 2023] Getting webroot for domain='www.hins007.xyz' [Tue Feb 28 00:59:48 CST 2023] Adding txt value: el-89APMRUIMTX6hkuhyGzGJMEoSZo7 F-rX7wa9DP-M for domain: _acme-challenge.hins007.xyz [Tue Feb 28 00:59:49 CST 2023] invalid domain [Tue Feb 28 00:59:49 CST 2023] Error add txt for domain:_acme-challenge.hins007. xyz [Tue Feb 28 00:59:49 CST 2023] Please check log file for more details: /root/.ac me.sh/acme.sh.log [Tue Feb 28 00:59:53 CST 2023] Error renew hins007.xyz_ecc. [Tue Feb 28 00:59:53 CST 2023] ===End cron===

我用ACME申请证书也是同样的错误。请教如何解决。

fieri commented 1 year ago

碰到同样问题,CENTOS 7

snowroll commented 1 year ago

换ubuntu,亲测可行

ruanimal commented 1 year ago

把 iptables 规则清一下

szz1233 commented 1 year ago

把 iptables 规则清一下

请问大佬具体怎样做

aJIEw commented 1 year ago

iptables -F 不一定有用,我尝试了下发现原因是 nginx 不能正常启动。因此,假如你不是在全新的 vps 上第一次使用该脚本,可以先看下 nginx 是否启动报错了。

我的话是因为之前已经运行过脚本并且安装了 nginx,再次启动脚本的时候 nginx 使用了旧的证书路径,导致无法正常启动 (cannot load certificate),解决了这个问题之后再运行脚本就可以正常生成证书了。

如果还是不行,最好先检查下你的域名能否正常访问:

curl -IkL -m20 http://[your domain]