mirror of https://github.com/certd/certd
perf: 子域名托管说明
parent
b497eda26e
commit
b5d8161bc2
|
@ -120,6 +120,7 @@ export default defineConfig({
|
|||
{text: "邮箱配置", link: "/guide/use/email/index.md"},
|
||||
{text: "IPv6支持", link: "/guide/use/setting/ipv6.md"},
|
||||
{text: "ESXi", link: "/guide/use/ESXi/index.md"},
|
||||
{text: "子域名托管", link: "/guide/use/cert/subdomain.md"},
|
||||
]
|
||||
},
|
||||
{
|
||||
|
|
|
@ -1,81 +0,0 @@
|
|||
# 常见报错解决
|
||||
|
||||
## 1. getaddrinfo ENOTFOUND错误
|
||||
如果出现`getaddrinfo ENOTFOUND`/`getaddrinfo EAI_AGAIN`错误,可以尝试在`docker-compose.yaml`中设置dns
|
||||
```yaml
|
||||
version: '3.3' # 兼容旧版docker-compose
|
||||
services:
|
||||
certd:
|
||||
#↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND 或 EAI_AGAIN错误,可以尝试设置dns
|
||||
dns:
|
||||
- 223.5.5.5 # 阿里云公共dns
|
||||
- 223.6.6.6
|
||||
# # ↓↓↓↓ ------- # 如果你服务器在腾讯云,可以用这个替换上面阿里云的公共dns
|
||||
# - 119.29.29.29 # 腾讯云公共dns
|
||||
# - 182.254.116.116
|
||||
# # ↓↓↓↓ ------- # 如果你服务器部署在国外,可以用这个替换上面阿里云的公共dns
|
||||
# - 8.8.8.8 # 谷歌公共dns
|
||||
# - 8.8.4.4
|
||||
```
|
||||
|
||||
如果仍然有问题,按如下步骤检查是否能够ping通域名
|
||||
```shell
|
||||
docker exec -it certd /bin/sh
|
||||
ping www.baidu.com
|
||||
ping gg.px.certd.handfree.work
|
||||
ping app.handfree.work
|
||||
```
|
||||
|
||||
如果您是宝塔部署的
|
||||
可以试试将容器网络加入brige网络,看是否解决问题
|
||||

|
||||
|
||||
如果还是不行,请联系我们
|
||||
|
||||
|
||||
## 2. 连接IPv6超时
|
||||
docker-compose 需要放开IPv6网络的配置
|
||||
```yaml
|
||||
services:
|
||||
certd:
|
||||
networks:
|
||||
- ip6net
|
||||
# ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络,还需要把上面networks的注释放开
|
||||
networks:
|
||||
ip6net:
|
||||
enable_ipv6: true
|
||||
ipam:
|
||||
config:
|
||||
- subnet: 2001:db8::/64
|
||||
|
||||
```
|
||||
|
||||
## 3. SSL_CERT_NOT_MATCH_DOMAIN_ERROR
|
||||
部署证书任务报类似 `SSL_CERT_NOT_MATCH_DOMAIN_ERROR`错误
|
||||
这是由于当前流水线的证书域名与要部署的目标站点的域名不匹配导致的,在申请证书任务中,增加目标站点域名,重新运行流水线即可
|
||||
|
||||
|
||||
## 4. 没有服务器配置文件,请检查是否开启了外网映射!
|
||||
宝塔网站证书部署报错:`Error: 没有服务器配置文件,请检查是否开启了外网映射!`
|
||||
解决方案:先手动在宝塔网站中设置一次证书
|
||||
|
||||
|
||||
## 5. 如何查看容器日志
|
||||
```shell
|
||||
docker logs -f --tail 200 certd
|
||||
```
|
||||
|
||||
## 6. 容器内走时不准,或者时区不对
|
||||
走时不准确,慢慢偏差越来越大
|
||||
或者整个时区都不对
|
||||
可以尝试挂载localtime文件
|
||||
```yaml
|
||||
volumes:
|
||||
# ↓↓↓↓↓ -------------------- 如果走时不准,请尝试挂载localtime文件
|
||||
- /etc/localtime:/etc/localtime
|
||||
- /etc/timezone:/etc/timezone
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
Binary file not shown.
After Width: | Height: | Size: 49 KiB |
Binary file not shown.
After Width: | Height: | Size: 76 KiB |
|
@ -0,0 +1,10 @@
|
|||
# 二级子域名托管
|
||||
如果你的域名是免费的二级域名(比如:sub.handsfree.work),托管在CF或者阿里云上
|
||||
在使用DNS方式校验时需要设置子域名托管
|
||||
|
||||
[阿里云子域名托管说明](https://help.aliyun.com/zh/dns/pubz-subdomain-management)
|
||||
|
||||
|
||||

|
||||
|
||||

|
|
@ -28,7 +28,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
|
|||
"2、子域名被通配符包含的不要填写,例如:www.foo.com已经被*.foo.com包含,不要填写www.foo.com\n" +
|
||||
"3、泛域名只能通配*号那一级(*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com)\n" +
|
||||
"4、输入一个,空格之后,再输入下一个 \n" +
|
||||
"5、如果您配置了子域托管解析,请先[设置托管子域名](#/certd/pipeline/subDomain)",
|
||||
"5、如果设置了子域托管解析(比如免费的二级域名托管在CF或者阿里云),请先[设置托管子域名](#/certd/pipeline/subDomain)",
|
||||
})
|
||||
domains!: string[];
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
{{ t("certd.subdomainHosting") }}
|
||||
<span class="sub">
|
||||
{{ t("certd.subdomainHostingHint") }}; {{ t("certd.subdomainHelpText") }}
|
||||
<a href="https://help.aliyun.com/zh/dns/subdomain-management" target="_blank">
|
||||
<a href="https://certd.docmirror.cn/guide/use/cert/subdomain.html" target="_blank">
|
||||
{{ t("certd.subdomainManagement") }}
|
||||
</a>
|
||||
</span>
|
||||
|
|
Loading…
Reference in New Issue