我一直在努力让traefik在我的域上安装通配符证书,这需要dns挑战
从阅读日志看来它似乎能够实际发出证书但不能正确安装它们
time="2018-04-07T19:10:35Z" level=debug msg="Unable to marshal provider conf *acme.Provider with error: json: unsupported type: chan *acme.StoredData"
legolog: 2018/04/07 19:10:57 [INFO][example.tld] The server validated our request
legolog: 2018/04/07 19:10:58 [INFO][*.example.tld] acme: Validations succeeded; requesting certificates
legolog: 2018/04/07 19:11:01 [INFO][*.example.tld] Server responded with a certificate.
time="2018-04-07T19:11:01Z" level=error msg="Error loading new configuration,aborted unable to generate TLS certificate : tls: Failed to find any PEM data in certificate input"
time="2018-04-07T19:12:33Z" level=debug msg="http2: server: error reading preface from client ******omitted***: remote error: tls: unknown certificate authority"
我的域名DNS提供商是cloudflare
这是我的docker docker-compose.yml
version: '2'
services:
traefik:
image: traefik:1.6.0-rc4
command: --api --docker
restart: always
ports:
- 80:80
- 443:443
- 8080:8080
networks:
- web
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /opt/traefik/traefik.toml:/traefik.toml
- /opt/traefik/acme.json:/acme.json
environment:
- CLOUDFLARE_EMAIL=admin@example.tld
- CLOUDFLARE_API_KEY=
container_name: traefik
networks:
web:
external: true
还有我的traefik.toml
debug = true
logLevel = "DEBUG"
defaultEntryPoints = ["https","http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "example.tld"
watch = true
exposedbydefault = false
[acme]
email = "admin@example.tld"
storage = "acme.json"
entryPoint = "https"
OnHostRule = true
acmeLogging = true
[acme.dnsChallenge]
provider = "cloudflare"
delayBeforeCheck = 0
[[acme.domains]]
main = "example.tld"
[[acme.domains]]
main = "*.example.tld"
最佳答案
我能够解决这个问题,这是我的错误.
原文链接:https://www.f2er.com/docker/436144.html在traefik.toml
您不能对通配符证书使用OnHostRule = true
阅读更多:
https://github.com/containous/traefik/blob/master/docs/configuration/acme.md#onhostrule