Docker Traefik and Let's Encrypt wildcard


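I have been struggling to get traefik to install a wildcard certificate on my domain, which requires the DNS challenge.
From reading the logs, it seems it is actually able to issue the certificates but does not install them correctly.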

time="2018-04-07T19:10:35Z" level=debug msg="Unable to marshal provider conf *acme.Provider with error: json: unsupported type: chan *acme.StoredData"
legolog: 2018/04/07 19:10:57 [INFO][example.tld] The server validated our request
legolog: 2018/04/07 19:10:58 [INFO][*.example.tld] acme: Validations succeeded; requesting certificates
legolog: 2018/04/07 19:11:01 [INFO][*.example.tld] Server responded with a certificate.
time="2018-04-07T19:11:01Z" level=error msg="Error loading new configuration,aborted unable to generate TLS certificate : tls: Failed to find any PEM data in certificate input"
time="2018-04-07T19:12:33Z" level=debug msg="http2: server: error reading preface from client ******omitted***: remote error: tls: unknown certificate authority"

My domain's DNS provider is Cloudflare.

Here is my Docker docker-compose.yml

version: '2'

services:
  traefik:
    image: traefik:1.6.0-rc4
    command: --api --docker
    restart: always
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    networks:
      - web
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /opt/traefik/traefik.toml:/traefik.toml
      - /opt/traefik/acme.json:/acme.json
    environment:
      - CLOUDFLARE_EMAIL=admin@example.tld
      - CLOUDFLARE_API_KEY=
    container_name: traefik

networks:
  web:
    external: true

And my traefik.toml

debug = true

logLevel = "DEBUG"
defaultEntryPoints = ["https","http"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
  [entryPoints.https.tls]

[retry]

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "example.tld"
watch = true
exposedbydefault = false

[acme]
email = "admin@example.tld"
storage = "acme.json"
entryPoint = "https"
OnHostRule = true
acmeLogging = true
[acme.dnsChallenge]
  provider = "cloudflare"
  delayBeforeCheck = 0

[[acme.domains]]
   main = "example.tld"
[[acme.domains]]
   main = "*.example.tld"

Best answer
I was able to solve this; it was my mistake.

In traefik.toml,
you cannot use OnHostRule = true with wildcard certificates.

Read more:
https://github.com/containous/traefik/blob/master/docs/configuration/acme.md#onhostrule
