[GH-ISSUE #930] 申请SSL证书失败 #637

New issue

Closed

opened 2026-03-03 01:04:51 +03:00 by kerem · 3 comments

kerem commented

2026-03-03 01:04:51 +03:00

Owner

Originally created by @StephenJose-Dai on GitHub (Aug 19, 2025).
Original GitHub issue: https://github.com/certimate-go/certimate/issues/930

软件版本 / Release Version

0.3.17

缺陷描述 / Description

执行工作流的时候失败，日志报connect: connection refused，但是我看了域名、端口都是正确的，浏览器也能直接打开，但是得说下，我的这个服务有点特殊，就是源服务器套了2层CDN，然后我本地nginx反向代理了这个域名，下面是报错的截图和服务拓扑

复现步骤 / Steps to reproduce

点击执行就报错

日志 / Logs

# 请在此粘贴日志 / Paste logs here

其他 / Miscellaneous

No response

贡献 / Contribution

我乐意为此贡献 PR！ / I am interested in contributing a PR for this!

Originally created by @StephenJose-Dai on GitHub (Aug 19, 2025). Original GitHub issue: https://github.com/certimate-go/certimate/issues/930 ### 软件版本 / Release Version 0.3.17 ### 缺陷描述 / Description 执行工作流的时候失败，日志报connect: connection refused，但是我看了域名、端口都是正确的，浏览器也能直接打开，但是得说下，我的这个服务有点特殊，就是源服务器套了2层CDN，然后我本地nginx反向代理了这个域名，下面是报错的截图和服务拓扑 <img width="1025" height="707" alt="Image" src="https://github.com/user-attachments/assets/01ddf718-d1ec-4c01-9000-13f59b4d1885" /> <img width="1536" height="898" alt="Image" src="https://github.com/user-attachments/assets/02485f88-f101-47ed-b8e1-36bfa400201a" /> ### 复现步骤 / Steps to reproduce 点击执行就报错 ### 日志 / Logs <details> ```console # 请在此粘贴日志 / Paste logs here ``` </details> ### 其他 / Miscellaneous _No response_ ### 贡献 / Contribution - [x] 我乐意为此贡献 PR！ / I am interested in contributing a PR for this!

kerem

2026-03-03 01:04:51 +03:00

closed this issue
added the
bug

declined
labels

kerem commented

2026-03-03 01:04:52 +03:00

Author

Owner

@fudiwei commented on GitHub (Aug 19, 2025):

在 certimate 所在的主机上 curl 访问看看：

curl -v -X HEAD https://your-host -H "User-Agent: certimate"

@fudiwei commented on GitHub (Aug 19, 2025): 在 certimate 所在的主机上 curl 访问看看： ```sh curl -v -X HEAD https://your-host -H "User-Agent: certimate" ```

kerem commented

2026-03-03 01:04:52 +03:00

Author

Owner

@StephenJose-Dai commented on GitHub (Aug 20, 2025):

root@localhost:~# curl -v -X HEAD https://xxx.xx.xx.xx:port -H "User-Agent: certimate"
Warning: Setting custom HTTP method to HEAD with -X/--request may not work the 
Warning: way you want. Consider using -I/--head instead.
* Failed to connect to xxx.xx.xx.xx port xxxx after 1 ms: Error
curl: (7) Failed to connect to xxx.xx.xx.xx port xxxx after 1 ms: Error

root@localhost:~# telnet xxx.xx.xx.xx xxxx
Trying xx.xxx.xx.xxx...
telnet: connect to address xx.xxx.xx.xxx: Connection refused

似乎不通，但是我网页能打开，下面是我在windows客户端的结果

@StephenJose-Dai commented on GitHub (Aug 20, 2025): ``` root@localhost:~# curl -v -X HEAD https://xxx.xx.xx.xx:port -H "User-Agent: certimate" Warning: Setting custom HTTP method to HEAD with -X/--request may not work the Warning: way you want. Consider using -I/--head instead. * Failed to connect to xxx.xx.xx.xx port xxxx after 1 ms: Error curl: (7) Failed to connect to xxx.xx.xx.xx port xxxx after 1 ms: Error ``` ``` root@localhost:~# telnet xxx.xx.xx.xx xxxx Trying xx.xxx.xx.xxx... telnet: connect to address xx.xxx.xx.xxx: Connection refused ``` 似乎不通，但是我网页能打开，下面是我在windows客户端的结果 <img width="1957" height="1466" alt="Image" src="https://github.com/user-attachments/assets/8dd50c70-db97-49fc-8bd4-640063476c39" />

kerem commented

2026-03-03 01:04:52 +03:00

Author

Owner

@fudiwei commented on GitHub (Aug 20, 2025):

curl 访问不通那就已经跟 certimate 无关了，建议自行排查一下网络设置、防火墙设置等，看看是不是阻止了某些请求。

@fudiwei commented on GitHub (Aug 20, 2025): curl 访问不通那就已经跟 certimate 无关了，建议自行排查一下网络设置、防火墙设置等，看看是不是阻止了某些请求。