求助 singbox 无法访问 docker hub 和 youtube 的问题

如题，是在 Mac 上用 Gui For SingBox 配置的，对应版本如下：

• MacOS：15.4
• Gui For SingBox：1.9.5
• singbox 内核：1.11.7

开启之后可以访问 https://google.com 以及 https://docker.com
但是无法访问 https://hub.docker.com 以及 https://youtube.com

通过 curl 发现会返回一个错误的证书

 curl -vv https://hub.docker.com * Host hub.docker.com:443 was resolved. * IPv6: (none) * IPv4: 157.240.12.5 * Trying 157.240.12.5:443... * Connected to hub.docker.com (157.240.12.5) port 443 * ALPN: curl offers h2,http/1.1 * (304) (OUT), TLS handshake, Client hello (1): * CAfile: /etc/ssl/cert.pem * CApath: none * (304) (IN), TLS handshake, Server hello (2): * (304) (IN), TLS handshake, Unknown (8): * (304) (IN), TLS handshake, Certificate (11): * (304) (IN), TLS handshake, CERT verify (15): * (304) (IN), TLS handshake, Finished (20): * (304) (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF * ALPN: server accepted h2 * Server certificate: * subject: C=US; ST=California; L=Menlo Park; O=Meta Platforms, Inc.; CN=*.atlassolutions.com * start date: Jan 24 00:00:00 2025 GMT * expire date: Apr 24 23:59:59 2025 GMT * subjectAltName does not match host name hub.docker.com * SSL: no alternative certificate subject name matches target host name 'hub.docker.com' * Closing connection curl: (60) SSL: no alternative certificate subject name matches target host name 'hub.docker.com' More details here: https://curl.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. 

对应的 singbox 配置如下，隐藏了节点的配置

{ "log": { "disabled": false, "level": "info", "output": "", "timestamp": false }, "experimental": { "clash_api": { "external_controller": "127.0.0.1:20123", "external_ui": "", "external_ui_download_url": "", "external_ui_download_detour": " Direct", "secret": "ID_r4fgwjn7", "default_mode": "rule", "access_control_allow_origin": [ "*" ], "access_control_allow_private_network": false }, "cache_file": { "enabled": true, "path": "cache.db", "cache_id": "", "store_fakeip": true, "store_rdrc": true, "rdrc_timeout": "7d" } }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "127.0.0.1", "listen_port": 20122, "tcp_fast_open": false, "tcp_multi_path": false, "udp_fragment": false } ], "outbounds": ["节点信息..."], "route": { "rules": [ { "action": "route", "rule_set": [ "Youtube", "Docker" ], "outbound": " Select" }, { "action": "route", "rule_set": [ "Bilibili" ], "outbound": " Direct" }, { "action": "hijack-dns", "protocol": "dns" }, { "action": "route", "clash_mode": "direct", "outbound": " Direct" }, { "action": "route", "clash_mode": "global", "outbound": "GLOBAL" }, { "action": "reject", "protocol": "quic" }, { "action": "reject", "rule_set": [ "Category-Ads" ] }, { "action": "route", "rule_set": [ "GeoSite-Private" ], "outbound": " Direct" }, { "action": "route", "rule_set": [ "GeoSite-CN" ], "outbound": " Direct" }, { "action": "route", "rule_set": [ "GeoIP-Private" ], "outbound": " Direct" }, { "action": "route", "rule_set": [ "GeoIP-CN" ], "outbound": " Direct" }, { "action": "route", "rule_set": [ "GeoLocation-!CN" ], "outbound": " Select" } ], "rule_set": [ { "tag": "Youtube", "type": "remote", "url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/youtube.srs", "format": "binary", "download_detour": " Select" }, { "tag": "Docker", "type": "remote", "url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo/geosite/docker.srs", "format": "binary", "download_detour": " Select" }, { "tag": "Bilibili", "type": "remote", "url": "https://github.com/MetaCubeX/meta-rules-dat/raw/refs/heads/sing/geo-lite/geosite/bilibili.srs", "format": "binary", "download_detour": " Select" }, { "tag": "Category-Ads", "type": "remote", "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs", "format": "binary", "download_detour": " Direct" }, { "tag": "GeoIP-Private", "type": "remote", "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/private.srs", "format": "binary", "download_detour": " Direct" }, { "tag": "GeoSite-Private", "type": "remote", "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/private.srs", "format": "binary", "download_detour": " Direct" }, { "tag": "GeoIP-CN", "type": "remote", "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs", "format": "binary", "download_detour": " Direct" }, { "tag": "GeoSite-CN", "type": "remote", "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs", "format": "binary", "download_detour": " Direct" }, { "tag": "GeoLocation-!CN", "type": "remote", "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs", "format": "binary", "download_detour": " Direct" } ], "auto_detect_interface": true, "final": " Fallback" }, "dns": { "servers": [ { "tag": "FakeIp", "address": "fakeip" }, { "tag": "Local-DNS", "address": "https://223.5.5.5:443/dns-query", "address_resolver": "Local-DNS-Resolver", "detour": " Direct" }, { "tag": "Local-DNS-Resolver", "address": "udp://223.5.5.5:53", "detour": " Direct" }, { "tag": "Remote-DNS", "address": "tls://8.8.8.8:853", "address_resolver": "Remote-DNS-Resolver", "detour": " Select" }, { "tag": "Remote-DNS-Resolver", "address": "udp://8.8.8.8:53", "detour": " Select" } ], "rules": [ { "action": "route", "server": "Local-DNS", "outbound": "any" }, { "action": "route", "rule_set": [ "GeoLocation-!CN" ], "server": "Remote-DNS" }, { "action": "route", "rule_et": [ "GeoSite-CN" ], "server": "Local-DNS" } ], "disable_cache": false, "disable_expire": false, "independent_cache": false, "final": "Remote-DNS", "fakeip": { "enabled": true } } }