配置

~/.codex/config.toml

model_provider = "cliproxyapi"
model = "gpt-5-codex"
model_reasoning_effort = "high"

[model_providers.cliproxyapi]
name = "cliproxyapi"
base_url = "http://127.0.0.1:8317/v1"
wire_api = "responses"

问题 1 无法连接

报错

Reconnecting... 1/5

Reconnecting... 2/5

Reconnecting... 3/5

Reconnecting... 4/5

Reconnecting... 5/5

stream disconnected before completion: error sending request for url

排查：

curl -i https://域名.com/v1/models -H "Authorization: Bearer 中转站的KEY"
curl -N -i https://域名.com/v1/responses -H "Authorization: Bearer 中转站的KEY" -H "Content-Type: application/json" -d '{"model":"gpt-5.3-codex","input":"Reply with exactly OK","stream":true,"max_output_tokens":5}'
curl -Iv https://域名.com/v1/models

输出：

命令1输出

curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.

命令2输出

curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.

问题发现：TLS 证书信任链

去部署 New API 的那台宝塔/Nginx 服务器检查 SSL 证书配置，重点是：

nginx配置

ssl_certificate 要指向 完整证书链，通常是 fullchain.pem

通常的写法：

ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;

改完 reload nginx

检查证书：

openssl s_client -connect 域名.com:443 -servername 域名.com -showcerts </dev/null

重点看最后几行：

• 如果是 Verify return code: 0 (ok)，证书链没问题
• 如果是 20、21 这类，基本就是证书链不完整

运行：

node -e "fetch('https://域名.com/v1/models',{headers:{Authorization:'Bearer 中转站的KEY'}}).then(async r=>{console.log(r.status);console.log(await r.text())}).catch(e=>{console.error(e);process.exit(1)})"

这条成功返回 200 和模型列表，问题解决

问题 2 编程时生成乱码（windows）

先确认你现在用的是哪种 PowerShell：

$PSVersionTable.PSVersion

然后用“当前用户、所有 PowerShell 主机”的 profile，通常最合适：

$PROFILE.CurrentUserAllHosts

如果文件不存在，就创建：

New-Item -ItemType File -Force -Path $PROFILE.CurrentUserAllHosts

用记事本打开：

notepad $PROFILE.CurrentUserAllHosts

把下面这段贴进去并保存：

$Utf8NoBom = [System.Text.UTF8Encoding]::new($false)

[Console]::InputEncoding = $Utf8NoBom
[Console]::OutputEncoding = $Utf8NoBom
$OutputEncoding = $Utf8NoBom

chcp 65001 > $null

然后关闭并重新打开 PowerShell，验证：

[Console]::OutputEncoding.WebName
$OutputEncoding.WebName
chcp

输出：

PS C:\Users\Administrator> [Console]::OutputEncoding.WebName
utf-8
PS C:\Users\Administrator> $OutputEncoding.WebName
utf-8
PS C:\Users\Administrator> chcp
Active code page: 65001

如果报错：

error

无法加载文件 C:\Users\Administrator\Documents\WindowsPowerShell\profile.ps1，因为在此系统上禁止运行脚本。有关详细信 息，请参阅 https:/go.microsoft.com/fwlink/?LinkID=135170 中的 about_Execution_Policies。

所在位置 行:1 字符: 3

+ . 'C:\Users\Administrator\Documents\WindowsPowerShell\profile.ps1' + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) []，PSSecurityException + FullyQualifiedErrorId : UnauthorizedAccess

则执行：

Set-ExecutionPolicy -Scope CurrentUser RemoteSigned