starred/certimate
1
0
Fork 0
mirror of https://github.com/certimate-go/certimate.git synced 2026-04-26 05:05:56 +03:00
Code Issues 52 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #1091] 1Panel V2 无法部署从节点网站证书 #735

New issue
Closed
opened 2026-03-03 01:05:36 +03:00 by kerem · 13 comments
kerem commented 2026-03-03 01:05:36 +03:00
Owner
Copy link

Originally created by @willow-god on GitHub (Dec 7, 2025).
Original GitHub issue: https://github.com/certimate-go/certimate/issues/1091

Release Version / 软件版本

v4.0.8

Description / 问题描述

近期不知道是不是更新了1panel的问题,在部署1panel证书时出现报错:

Image

经过验证,该问题在主节点和子节点均有报错,不清楚是否是我个人的问题,麻烦开发者看一下:

Image

我能确定的是,当前证书ID2是存在的。

Miscellaneous / 其他

我看到500的问题,起初是以为我的网站配置问题,导致无法访问,但是我打开容器终端尝试ping了一下,是通的,并且在我的主节点中是有访问日志记录的,如下:

Image

该问题我尝试让主节点重新执行证书替换,但是也出现了问题,我不清楚到底是什么问题,麻烦开发者答疑解惑!祝您生活愉快!

Originally created by @willow-god on GitHub (Dec 7, 2025). Original GitHub issue: https://github.com/certimate-go/certimate/issues/1091 ### Release Version / 软件版本 v4.0.8 ### Description / 问题描述 近期不知道是不是更新了1panel的问题,在部署1panel证书时出现报错: <img width="1026" height="333" alt="Image" src="https://github.com/user-attachments/assets/e0e23edd-2851-4155-a9c0-e67f523e0796" /> 经过验证,该问题在主节点和子节点均有报错,不清楚是否是我个人的问题,麻烦开发者看一下: <img width="1113" height="1347" alt="Image" src="https://github.com/user-attachments/assets/7cbe0828-c055-4619-82c2-230966f4dd9d" /> 我能确定的是,当前证书ID2是存在的。 ### Miscellaneous / 其他 我看到500的问题,起初是以为我的网站配置问题,导致无法访问,但是我打开容器终端尝试ping了一下,是通的,并且在我的主节点中是有访问日志记录的,如下: <img width="1241" height="193" alt="Image" src="https://github.com/user-attachments/assets/2ef25ed1-d7d9-4250-8c76-85fcef56d3a5" /> 该问题我尝试让主节点重新执行证书替换,但是也出现了问题,我不清楚到底是什么问题,麻烦开发者答疑解惑!祝您生活愉快!
kerem 2026-03-03 01:05:36 +03:00
  • closed this issue
  • added the
    bug
         label
kerem commented 2026-03-03 01:05:37 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 7, 2025):

更新一下,似乎只有从节点是不可以替换证书的,我尝试通过网站id形式更新,可以获取到数据,虽然没有像我想象中的那样正确替换,但是仅显示了说没找到对应的域名,而并不是无法获取数据。

<!-- gh-comment-id:3622371368 --> @willow-god commented on GitHub (Dec 7, 2025): 更新一下,似乎只有从节点是不可以替换证书的,我尝试通过网站id形式更新,可以获取到数据,虽然没有像我想象中的那样正确替换,但是仅显示了说没找到对应的域名,而并不是无法获取数据。
kerem commented 2026-03-03 01:05:37 +03:00
Author
Owner
Copy link

@fudiwei commented on GitHub (Dec 8, 2025):

近期不知道是不是更新了1panel的问题,在部署1panel证书时出现报错

上一次部署成功是什么时候?这期间你做过什么?

<!-- gh-comment-id:3624527727 --> @fudiwei commented on GitHub (Dec 8, 2025): > 近期不知道是不是更新了1panel的问题,在部署1panel证书时出现报错 上一次部署成功是什么时候?这期间你做过什么?
kerem commented 2026-03-03 01:05:37 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 8, 2025):

您好,我并没有作任何事情,由于我添加了一个节点,所以又复制了一个子节点的部署任务并尝试运行就报错了,然后我尝试在之前已经成功的子节点重新部署(关闭设置下面的跳过开关),发现也是失败的,但是这期间我并没有修改任何配置:

并且我在打开跳过开关后,他也能正常跳过,因为之前同样的配置是有成功的记录的,如下:

#7Us4i5ao469B0GALh3RX0 西安-部署
[2025-12-07 23:38:36]
ready to deploy certificate ...
[2025-12-07 23:38:36]
found last workflow run #nmh518l22k05pct
[2025-12-07 23:38:36]
skip this deployment, because the last deployment already completed
#rK47HzoRcBFaMbMXubUGT 香港-子节点-部署
[2025-12-07 23:38:36]
ready to deploy certificate ...
[2025-12-07 23:38:36]
found last workflow run #74dp4p3yi563tbk
[2025-12-07 23:38:36]
skip this deployment, because the last deployment already completed
#je7HSFsVicMPDqUkMWkkQ 安徽-子节点-部署
[2025-12-07 23:38:36]
ready to deploy certificate ...
[2025-12-07 23:38:37]
sdk request '1panel.WebsiteSSLGet'
[2025-12-07 23:38:37]
could not deploy certificate
[2025-12-07 23:38:37]
failed to replace certificate file: failed to execute sdk request '1panel.WebsiteSSLGet': sdkerr: api error: code='500', message='服务内部错误: record not found'

可以看到,第二个香港子节点之前是成功了的,但是我将跳过开关关闭后发现香港子节点在同样的配置下也无法部署了。

<!-- gh-comment-id:3625494122 --> @willow-god commented on GitHub (Dec 8, 2025): 您好,我并没有作任何事情,由于我添加了一个节点,所以又复制了一个子节点的部署任务并尝试运行就报错了,然后我尝试在之前已经成功的子节点重新部署(关闭设置下面的跳过开关),发现也是失败的,但是这期间我并没有修改任何配置: 并且我在打开跳过开关后,他也能正常跳过,因为之前同样的配置是有成功的记录的,如下: ```shell #7Us4i5ao469B0GALh3RX0 西安-部署 [2025-12-07 23:38:36] ready to deploy certificate ... [2025-12-07 23:38:36] found last workflow run #nmh518l22k05pct [2025-12-07 23:38:36] skip this deployment, because the last deployment already completed #rK47HzoRcBFaMbMXubUGT 香港-子节点-部署 [2025-12-07 23:38:36] ready to deploy certificate ... [2025-12-07 23:38:36] found last workflow run #74dp4p3yi563tbk [2025-12-07 23:38:36] skip this deployment, because the last deployment already completed #je7HSFsVicMPDqUkMWkkQ 安徽-子节点-部署 [2025-12-07 23:38:36] ready to deploy certificate ... [2025-12-07 23:38:37] sdk request '1panel.WebsiteSSLGet' [2025-12-07 23:38:37] could not deploy certificate [2025-12-07 23:38:37] failed to replace certificate file: failed to execute sdk request '1panel.WebsiteSSLGet': sdkerr: api error: code='500', message='服务内部错误: record not found' ``` 可以看到,第二个香港子节点之前是成功了的,但是我将跳过开关关闭后发现香港子节点在同样的配置下也无法部署了。
kerem commented 2026-03-03 01:05:37 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 8, 2025):

作者大大您好,另外说明一个情况,我发现目前可以通过网站部署,也不需要维护网站地址ID,但是选择那个自动匹配的方式部署时,通配符证书似乎无法匹配:

Image

它会显示没有匹配的网站,但是可以看到我的网站名称比如为:aaa.example.com,使用example.com,*.example.com的证书似乎无法匹配到这个网站,请问这是设计还是一个小bug?

<!-- gh-comment-id:3625760625 --> @willow-god commented on GitHub (Dec 8, 2025): 作者大大您好,另外说明一个情况,我发现目前可以通过网站部署,也不需要维护网站地址ID,但是选择那个自动匹配的方式部署时,通配符证书似乎无法匹配: <img width="741" height="310" alt="Image" src="https://github.com/user-attachments/assets/9d2e15e6-a061-4fa0-9d8f-4ea0953e3029" /> 它会显示没有匹配的网站,但是可以看到我的网站名称比如为:aaa.example.com,使用example.com,*.example.com的证书似乎无法匹配到这个网站,请问这是设计还是一个小bug?
kerem commented 2026-03-03 01:05:37 +03:00
Author
Owner
Copy link

@fudiwei commented on GitHub (Dec 8, 2025):

作者大大您好,另外说明一个情况,我发现目前可以通过网站部署,也不需要维护网站地址ID,但是选择那个自动匹配的方式部署时,通配符证书似乎无法匹配:

它会显示没有匹配的网站,但是可以看到我的网站名称比如为:aaa.example.com,使用example.com,*.example.com的证书似乎无法匹配到这个网站,请问这是设计还是一个小bug?

日志里应该会有一条 sdk request '1panel.WebsiteSearch' 记录,展开看一下 response 是什么?

<!-- gh-comment-id:3626488391 --> @fudiwei commented on GitHub (Dec 8, 2025): > 作者大大您好,另外说明一个情况,我发现目前可以通过网站部署,也不需要维护网站地址ID,但是选择那个自动匹配的方式部署时,通配符证书似乎无法匹配: > > 它会显示没有匹配的网站,但是可以看到我的网站名称比如为:aaa.example.com,使用example.com,*.example.com的证书似乎无法匹配到这个网站,请问这是设计还是一个小bug? 日志里应该会有一条 `sdk request '1panel.WebsiteSearch'` 记录,展开看一下 response 是什么?
kerem commented 2026-03-03 01:05:37 +03:00
Author
Owner
Copy link

@fudiwei commented on GitHub (Dec 8, 2025):

无法复现你这个问题。你能在 Shell 中执行一下 curl 看一下响应吗?

#!/bin/bash
ONEPANEL_URL="<your-1panel-url>"        # 授权凭据中的面板地址
ONEPANEL_APIKEY="<your-1panel-api-key>" # 授权凭据中的API密钥
ONEPANEL_SSLID="<your-1panel-ssl-id>"   # 工作流节点中的证书ID

timestamp=$(date +%s)
token=$(echo -n "1panel${ONEPANEL_APIKEY}${timestamp}" | md5sum | awk '{print $1}')
response=$(curl -s -X GET \
  "${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" \
  -H "1Panel-Timestamp: $timestamp" \
  -H "1Panel-Token: $token")
echo "$response"
<!-- gh-comment-id:3626652882 --> @fudiwei commented on GitHub (Dec 8, 2025): 无法复现你这个问题。你能在 Shell 中执行一下 curl 看一下响应吗? ```shell #!/bin/bash ONEPANEL_URL="<your-1panel-url>" # 授权凭据中的面板地址 ONEPANEL_APIKEY="<your-1panel-api-key>" # 授权凭据中的API密钥 ONEPANEL_SSLID="<your-1panel-ssl-id>" # 工作流节点中的证书ID timestamp=$(date +%s) token=$(echo -n "1panel${ONEPANEL_APIKEY}${timestamp}" | md5sum | awk '{print $1}') response=$(curl -s -X GET \ "${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" \ -H "1Panel-Timestamp: $timestamp" \ -H "1Panel-Token: $token") echo "$response" ```
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 8, 2025):

日志里应该会有一条 sdk request '1panel.WebsiteSearch' 记录,展开看一下 response 是什么?

首先针对于这个问题,搜索中我这里是可以看到各个网站的地址的,数据如下:

Image

完整日志如下,图片放不完:

[2025-12-07 23:55:01] sdk request '1panel.WebsiteSearch'
request:
{"name":"","type":"","order":"ascending","orderBy":"primary_domain","page":1,"pageSize":100}
response:
{"code":200,"message":"","data":{"items":[{"id":18,"alias":"2api.liushen.fun","primaryDomain":"2api.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/2api.liushen.fun","remark":"AxonHub","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-12-04T16:27:05.578802376Z"},{"id":9,"alias":"auth.liushen.fun","primaryDomain":"auth.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/auth.liushen.fun","remark":"Casdoor","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T15:32:13.037446909Z"},{"id":17,"alias":"domain.liushen.fun","primaryDomain":"domain.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/domain.liushen.fun","remark":"DNSMGR","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-10-25T17:18:35.109871382+08:00"},{"id":2,"alias":"ssl.liushen.fun","primaryDomain":"ssl.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/ssl.liushen.fun","remark":"Certimate","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T08:35:11.25313302Z"},{"id":15,"alias":"sso-hk.liushen.fun","primaryDomain":"sso-hk.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/sso-hk.liushen.fun","remark":"TinyAuth","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-21T12:50:53.517798973Z"}],"total":7}}
[2025-12-07 23:55:02] sdk request '1panel.WebsiteGet'
[2025-12-07 23:55:03] sdk request '1panel.WebsiteGet'
[2025-12-07 23:55:03] sdk request '1panel.WebsiteGet'
[2025-12-07 23:55:03] sdk request '1panel.WebsiteGet'
[2025-12-07 23:55:03] could not deploy certificate
[2025-12-07 23:55:03] could not find any websites matched by certificate

我的证书为通配符证书:

Image

不知道是不是习惯性的加了个根域的原因导致匹配不上

<!-- gh-comment-id:3627036723 --> @willow-god commented on GitHub (Dec 8, 2025): > 日志里应该会有一条 `sdk request '1panel.WebsiteSearch'` 记录,展开看一下 response 是什么? 首先针对于这个问题,搜索中我这里是可以看到各个网站的地址的,数据如下: <img width="778" height="984" alt="Image" src="https://github.com/user-attachments/assets/4b3c9643-e1c1-4ed5-942a-d19c5cfb70a2" /> 完整日志如下,图片放不完: ```log [2025-12-07 23:55:01] sdk request '1panel.WebsiteSearch' request: {"name":"","type":"","order":"ascending","orderBy":"primary_domain","page":1,"pageSize":100} response: {"code":200,"message":"","data":{"items":[{"id":18,"alias":"2api.liushen.fun","primaryDomain":"2api.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/2api.liushen.fun","remark":"AxonHub","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-12-04T16:27:05.578802376Z"},{"id":9,"alias":"auth.liushen.fun","primaryDomain":"auth.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/auth.liushen.fun","remark":"Casdoor","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T15:32:13.037446909Z"},{"id":17,"alias":"domain.liushen.fun","primaryDomain":"domain.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/domain.liushen.fun","remark":"DNSMGR","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-10-25T17:18:35.109871382+08:00"},{"id":2,"alias":"ssl.liushen.fun","primaryDomain":"ssl.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/ssl.liushen.fun","remark":"Certimate","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T08:35:11.25313302Z"},{"id":15,"alias":"sso-hk.liushen.fun","primaryDomain":"sso-hk.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/sso-hk.liushen.fun","remark":"TinyAuth","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-21T12:50:53.517798973Z"}],"total":7}} [2025-12-07 23:55:02] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] could not deploy certificate [2025-12-07 23:55:03] could not find any websites matched by certificate ``` 我的证书为通配符证书: <img width="912" height="402" alt="Image" src="https://github.com/user-attachments/assets/5e8abf62-2dbd-4ad9-a3f6-a3126449b8d6" /> 不知道是不是习惯性的加了个根域的原因导致匹配不上
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 8, 2025):

无法复现你这个问题。你能在 Shell 中执行一下 curl 看一下响应吗?

您好作者大大,再针对这个问题,我执行后复现了这个问题:

Image

但是这个请求中似乎没有包含子节点的名称?我的主节点之前添加删除了几次,证书ID确实不存在,所以我填写2会报错,如上,但是如果我填写4,也就是我主节点中存在的证书:

Image

是可以正常使用的,我上面昨天晚上留言说主节点可以,子节点不行,是因为请求中没有携带子节点数据导致获取到了主节点的证书吗?或者说最新版本1Panel给参数干没了导致失效了吗?

<!-- gh-comment-id:3627129786 --> @willow-god commented on GitHub (Dec 8, 2025): > 无法复现你这个问题。你能在 Shell 中执行一下 curl 看一下响应吗? 您好作者大大,再针对这个问题,我执行后复现了这个问题: <img width="803" height="154" alt="Image" src="https://github.com/user-attachments/assets/e3be52d2-4d3f-497f-abab-15acc53ca235" /> 但是这个请求中似乎没有包含子节点的名称?我的主节点之前添加删除了几次,证书ID确实不存在,所以我填写2会报错,如上,但是如果我填写4,也就是我主节点中存在的证书: <img width="660" height="172" alt="Image" src="https://github.com/user-attachments/assets/782b4e80-73f9-49ee-a3e8-c5893d9d1a47" /> 是可以正常使用的,我上面昨天晚上留言说主节点可以,子节点不行,是因为请求中没有携带子节点数据导致获取到了主节点的证书吗?或者说最新版本`1Panel`给参数干没了导致失效了吗?
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@fudiwei commented on GitHub (Dec 9, 2025):

首先针对于这个问题,搜索中我这里是可以看到各个网站的地址的,数据如下:

Image Image
完整日志如下,图片放不完:
Logs ``` [2025-12-07 23:55:01] sdk request '1panel.WebsiteSearch' request: {"name":"","type":"","order":"ascending","orderBy":"primary_domain","page":1,"pageSize":100} response: {"code":200,"message":"","data":{"items":[{"id":18,"alias":"2api.liushen.fun","primaryDomain":"2api.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/2api.liushen.fun","remark":"AxonHub","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-12-04T16:27:05.578802376Z"},{"id":9,"alias":"auth.liushen.fun","primaryDomain":"auth.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/auth.liushen.fun","remark":"Casdoor","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T15:32:13.037446909Z"},{"id":17,"alias":"domain.liushen.fun","primaryDomain":"domain.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/domain.liushen.fun","remark":"DNSMGR","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-10-25T17:18:35.109871382+08:00"},{"id":2,"alias":"ssl.liushen.fun","primaryDomain":"ssl.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/ssl.liushen.fun","remark":"Certimate","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T08:35:11.25313302Z"},{"id":15,"alias":"sso-hk.liushen.fun","primaryDomain":"sso-hk.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/sso-hk.liushen.fun","remark":"TinyAuth","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-21T12:50:53.517798973Z"}],"total":7}} [2025-12-07 23:55:02] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' [2025-12-07 23:55:03] could not deploy certificate [2025-12-07 23:55:03] could not find any websites matched by certificate ```

我的证书为通配符证书:

Image Image
不知道是不是习惯性的加了个根域的原因导致匹配不上

麻烦上传一下完整日志。在日志界面点右侧齿轮图标 -> 下载日志。

您好作者大大,再针对这个问题,我执行后复现了这个问题:

Image Image
但是这个请求中似乎没有包含子节点的名称?我的主节点之前添加删除了几次,证书ID确实不存在,所以我填写2会报错,如上,但是如果我填写4,也就是我主节点中存在的证书:
Image Image
是可以正常使用的,我上面昨天晚上留言说主节点可以,子节点不行,是因为请求中没有携带子节点数据导致获取到了主节点的证书吗?或者说最新版本`1Panel`给参数干没了导致失效了吗?

curl 携带一下 1Panel 子节点名称再看下响应:

前略...
response=$(curl -s -X GET \
  "${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" \
  -H "CurrentNode: <your-node-name>" \
  -H "1Panel-Timestamp: $timestamp" \
  -H "1Panel-Token: $token")
后略...
<!-- gh-comment-id:3630047111 --> @fudiwei commented on GitHub (Dec 9, 2025): > 首先针对于这个问题,搜索中我这里是可以看到各个网站的地址的,数据如下: > <details> > <summary>Image</summary> > <img alt="Image" width="778" height="984" src="https://private-user-images.githubusercontent.com/93815242/523780153-4b3c9643-e1c1-4ed5-942a-d19c5cfb70a2.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NjUyNTAwNjksIm5iZiI6MTc2NTI0OTc2OSwicGF0aCI6Ii85MzgxNTI0Mi81MjM3ODAxNTMtNGIzYzk2NDMtZTFjMS00ZWQ1LTk0MmEtZDE5YzVjZmI3MGEyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTEyMDklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUxMjA5VDAzMDkyOVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTc5YTJlZTVlYTk0ODc2OGJhYWVkMmNmMDRhZWQ5ZjEwZDAxZmFjZGQ1N2EwYzlhOGM0YTRhYjUyOTJlNjE0Y2ImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.t7HD1_rs4Otn5Yx0EljRV-T5LWaFEKrMJ4Z8iIH4WkU"> > </details> > 完整日志如下,图片放不完: > > <details> > <summary>Logs</summary> > ``` > [2025-12-07 23:55:01] sdk request '1panel.WebsiteSearch' > request: > {"name":"","type":"","order":"ascending","orderBy":"primary_domain","page":1,"pageSize":100} > response: > {"code":200,"message":"","data":{"items":[{"id":18,"alias":"2api.liushen.fun","primaryDomain":"2api.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/2api.liushen.fun","remark":"AxonHub","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-12-04T16:27:05.578802376Z"},{"id":9,"alias":"auth.liushen.fun","primaryDomain":"auth.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/auth.liushen.fun","remark":"Casdoor","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T15:32:13.037446909Z"},{"id":17,"alias":"domain.liushen.fun","primaryDomain":"domain.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/domain.liushen.fun","remark":"DNSMGR","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-10-25T17:18:35.109871382+08:00"},{"id":2,"alias":"ssl.liushen.fun","primaryDomain":"ssl.liushen.fun","protocol":"HTTPS","type":"deployment","status":"Running","sitePath":"/opt/1panel/www/sites/ssl.liushen.fun","remark":"Certimate","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-11T08:35:11.25313302Z"},{"id":15,"alias":"sso-hk.liushen.fun","primaryDomain":"sso-hk.liushen.fun","protocol":"HTTPS","type":"proxy","status":"Running","sitePath":"/opt/1panel/www/sites/sso-hk.liushen.fun","remark":"TinyAuth","sslStatus":"success","sslExpireDate":"2026-02-15T09:07:50Z","updatedAt":"","createdAt":"2025-09-21T12:50:53.517798973Z"}],"total":7}} > [2025-12-07 23:55:02] sdk request '1panel.WebsiteGet' > [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' > [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' > [2025-12-07 23:55:03] sdk request '1panel.WebsiteGet' > [2025-12-07 23:55:03] could not deploy certificate > [2025-12-07 23:55:03] could not find any websites matched by certificate > ``` > </details> > > 我的证书为通配符证书: > <details> > <summary>Image</summary> > <img alt="Image" width="912" height="402" src="https://private-user-images.githubusercontent.com/93815242/523782976-5e8abf62-2dbd-4ad9-a3f6-a3126449b8d6.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NjUyNTAwNjksIm5iZiI6MTc2NTI0OTc2OSwicGF0aCI6Ii85MzgxNTI0Mi81MjM3ODI5NzYtNWU4YWJmNjItMmRiZC00YWQ5LWEzZjYtYTMxMjY0NDliOGQ2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTEyMDklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUxMjA5VDAzMDkyOVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPThhZTQyYmFmNWQ2MDZiODVhMGE5NDUyZWRhYTYyYTQwNjNjY2MwODlmYTJiM2JhNDZhMjMwZGZmNDIyMzUzNTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.yIzwcrOtZatSpR_KIH54aKB_iA3zQu_-oHN0oRcpY04"> > </details> > 不知道是不是习惯性的加了个根域的原因导致匹配不上 麻烦上传一下完整日志。在日志界面点右侧齿轮图标 -> 下载日志。 --- > 您好作者大大,再针对这个问题,我执行后复现了这个问题: > <details> > <summary>Image</summary> > <img alt="Image" width="803" height="154" src="https://private-user-images.githubusercontent.com/93815242/523790638-e3be52d2-4d3f-497f-abab-15acc53ca235.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NjUyNTAxMDIsIm5iZiI6MTc2NTI0OTgwMiwicGF0aCI6Ii85MzgxNTI0Mi81MjM3OTA2MzgtZTNiZTUyZDItNGQzZi00OTdmLWFiYWItMTVhY2M1M2NhMjM1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTEyMDklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUxMjA5VDAzMTAwMlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTYyMjRkNzVkZmU5MTJmOGVjYTI4MGYyMDE4OGNlYzMzOWEwZWNhOTliMjhhZTBiZjNhZTljMGU4MjFmOTgyYTImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.WJ1glilUxhq_wNX-DStRqcQN2vbuf9Dg0jiksE-FTK8"> > </details> > 但是这个请求中似乎没有包含子节点的名称?我的主节点之前添加删除了几次,证书ID确实不存在,所以我填写2会报错,如上,但是如果我填写4,也就是我主节点中存在的证书: > <details> > <summary>Image</summary> > <img alt="Image" width="660" height="172" src="https://private-user-images.githubusercontent.com/93815242/523791284-782b4e80-73f9-49ee-a3e8-c5893d9d1a47.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NjUyNTAxMDIsIm5iZiI6MTc2NTI0OTgwMiwicGF0aCI6Ii85MzgxNTI0Mi81MjM3OTEyODQtNzgyYjRlODAtNzNmOS00OWVlLWEzZTgtYzU4OTNkOWQxYTQ3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTEyMDklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUxMjA5VDAzMTAwMlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTFhY2MzODU0YWMyYmU0MDBlYjZhZmQ5MGIzZmVmNTJmYWZjY2MxZWZmZGI5ZTg5ZTI2MGQ2YWJlMmJiZjhlZjAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.mo5CyH9-dpgMfcmn6wjCCyMCPsvOVC1MS-DMK6AdU_Y"> > </details> > 是可以正常使用的,我上面昨天晚上留言说主节点可以,子节点不行,是因为请求中没有携带子节点数据导致获取到了主节点的证书吗?或者说最新版本`1Panel`给参数干没了导致失效了吗? curl 携带一下 1Panel 子节点名称再看下响应: ```shell 前略... response=$(curl -s -X GET \ "${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" \ -H "CurrentNode: <your-node-name>" \ -H "1Panel-Timestamp: $timestamp" \ -H "1Panel-Token: $token") 后略... ```
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 9, 2025):

Image

这个是子节点,不知道是不是我的请求体的问题,我不管写成参数还是直接写在curl命令里面,似乎都会报这一个问题

certimate_workflow_run_#9owlzyvkzvcad9x_logs.txt

针对另外一个域名匹配问题,这是我的log文件,麻烦开发者大大,祝您生活愉快,工作顺利,心想事成!

<!-- gh-comment-id:3632631513 --> @willow-god commented on GitHub (Dec 9, 2025): <img width="2326" height="752" alt="Image" src="https://github.com/user-attachments/assets/7818433b-02ae-4bf9-83c6-720111881458" /> 这个是子节点,不知道是不是我的请求体的问题,我不管写成参数还是直接写在curl命令里面,似乎都会报这一个问题 [certimate_workflow_run_#9owlzyvkzvcad9x_logs.txt](https://github.com/user-attachments/files/24057452/certimate_workflow_run_.9owlzyvkzvcad9x_logs.txt) 针对另外一个域名匹配问题,这是我的log文件,麻烦开发者大大,祝您生活愉快,工作顺利,心想事成!
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@fudiwei commented on GitHub (Dec 10, 2025):

从节点网站自动匹配的问题已确认并修复,将随下个版本发布。

从节点获取不到证书的问题应该是 1Panel 自身的原因,建议咨询 1Panel 官方。

<!-- gh-comment-id:3635937818 --> @fudiwei commented on GitHub (Dec 10, 2025): 从节点网站自动匹配的问题已确认并修复,将随下个版本发布。 从节点获取不到证书的问题应该是 1Panel 自身的原因,建议咨询 1Panel 官方。
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 11, 2025):

您好作者,打扰了,我感觉还是不太对劲,如下:

Image

我在Windows虽然没有执行成功,但是同样的脚本我在linux环境下,在certimate的容器内,尝试安装curl后,将sh文件挂载进了data目录,使用sh ./test.sh命令执行脚本,最终发现正常获取,如上,我确定这不是获取的主节点的证书而是确实是子节点的证书,因为我的主节点不存在id为2的证书,我的脚本如下:

#!/bin/bash
set -euo pipefail

ONEPANEL_URL="https://1p.liushen.fun"
ONEPANEL_APIKEY="我的密钥"
ONEPANEL_SSLID="2"
ONEPANEL_NODE_NAME="初七安徽"

timestamp=$(date +%s)
token=$(echo -n "1panel${ONEPANEL_APIKEY}${timestamp}" | md5sum | awk '{print $1}')

echo "== Debug 信息 =="
echo "URL: ${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}"
echo "Timestamp: $timestamp"
echo "Token: $token"
echo

response=$(curl -k -v -s -X GET \
  "${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" \
  -H "CurrentNode: ${ONEPANEL_NODE_NAME}" \
  -H "1Panel-Timestamp: $timestamp" \
  -H "1Panel-Token: $token")

echo "== 返回内容 =="
echo "$response"

我在想会不会是因为Windows和linux的细微的编码差距导致了该问题?不过我也不太肯定,不过这个问题确实是复现了。

在Windows的git bash下,同样的代码,同样的sh ./1panel.sh,无法获取到数据。

<!-- gh-comment-id:3642584499 --> @willow-god commented on GitHub (Dec 11, 2025): 您好作者,打扰了,我感觉还是不太对劲,如下: <img width="1455" height="1356" alt="Image" src="https://github.com/user-attachments/assets/276e51ca-9d95-48a6-926d-ca02030c48b9" /> 我在Windows虽然没有执行成功,但是同样的脚本我在linux环境下,在certimate的容器内,尝试安装curl后,将sh文件挂载进了data目录,使用`sh ./test.sh`命令执行脚本,最终发现正常获取,如上,我确定这不是获取的主节点的证书而是确实是子节点的证书,因为我的主节点不存在id为2的证书,我的脚本如下: ```shell #!/bin/bash set -euo pipefail ONEPANEL_URL="https://1p.liushen.fun" ONEPANEL_APIKEY="我的密钥" ONEPANEL_SSLID="2" ONEPANEL_NODE_NAME="初七安徽" timestamp=$(date +%s) token=$(echo -n "1panel${ONEPANEL_APIKEY}${timestamp}" | md5sum | awk '{print $1}') echo "== Debug 信息 ==" echo "URL: ${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" echo "Timestamp: $timestamp" echo "Token: $token" echo response=$(curl -k -v -s -X GET \ "${ONEPANEL_URL}/api/v2/websites/ssl/${ONEPANEL_SSLID}" \ -H "CurrentNode: ${ONEPANEL_NODE_NAME}" \ -H "1Panel-Timestamp: $timestamp" \ -H "1Panel-Token: $token") echo "== 返回内容 ==" echo "$response" ``` 我在想会不会是因为Windows和linux的细微的编码差距导致了该问题?不过我也不太肯定,不过这个问题确实是复现了。 在Windows的git bash下,同样的代码,同样的`sh ./1panel.sh`,无法获取到数据。
kerem commented 2026-03-03 01:05:38 +03:00
Author
Owner
Copy link

@willow-god commented on GitHub (Dec 11, 2025):

作者大大您先发版网站部署的匹配问题吧,我这个情况可以通过网站匹配解决问题,对于证书部署问题我也有点迷糊了,等我去询问一下1Panel的官方看看

<!-- gh-comment-id:3642671874 --> @willow-god commented on GitHub (Dec 11, 2025): 作者大大您先发版网站部署的匹配问题吧,我这个情况可以通过网站匹配解决问题,对于证书部署问题我也有点迷糊了,等我去询问一下1Panel的官方看看
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
next
archive/v0.3
archive/v0.2
v0.4.21
v0.4.20
v0.4.19
v0.4.18
v0.4.17
v0.4.16
v0.4.15
v0.4.14
v0.4.13
v0.4.12
v0.4.11
v0.4.10
v0.4.9
v0.4.8
v0.4.7
v0.4.6
v0.4.5
v0.4.4
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.27
v0.3.26
v0.3.25
v0.3.24
v0.3.23
v0.3.22
v0.3.21
v0.3.20
v0.3.19
v0.3.18
v0.3.17
v0.3.16
v0.3.15
v0.3.14
v0.3.13
v0.3.12
v0.3.11
v0.3.10
v0.3.9
v0.3.8
v0.3.7
v0.3.6
v0.3.5
v0.3.4
v0.3.3
v0.3.2
v0.3.1
v0.3.0
v0.2.24-beta
v0.2.23-beta
v0.2.21
v0.2.20
v0.2.19
v0.2.18
v0.2.17
v0.2.16
v0.2.15
v0.2.14
v0.2.13
v0.2.12
v0.2.11
v0.2.10
v0.2.9
v0.2.8
v0.2.7
v0.2.6
v0.2.5
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.19
v0.1.18
v0.1.17
v0.1.16
v0.1.15
v0.1.14
v0.1.13
v0.1.12
v0.1.11
v0.1.10
v0.1.9
v0.1.8
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
v0.0.1
Labels
Clear labels   
announcement

   
backlog

   
bug

   
declined

   
documentation

   
duplicate

   
enhancement

   
good first issue

   
good first issue

   
help wanted

   
invalid

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale
No labels
announcement
backlog
bug
declined
documentation
duplicate
enhancement
good first issue
good first issue
help wanted
invalid
pull-request
question
stale
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/certimate#735
No description provided.