Traefik将颁发证书而不是让我们加密 [英] Traefik will issue certificate instead of Let's encrypt
问题描述
I am trying to set up traefik along with this tutorial: https://www.digitalocean.com/community/tutorials/how-to-use-traefik-as-a-reverse-proxy-for-docker-containers-on-ubuntu-16-04
这是我正在使用的traefik.toml:
Here's the traefik.toml I'm using:
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[web]
address = ":8080"
[web.auth.basic]
users = [myuserandpw]
[acme]
email = "myemailadress"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
onDemand = false
现在,当我想打开监视器仪表板时,会发生警告,提示我连接不安全.它表明我的网站正在使用自签名证书(错误代码:SEC_ERROR_UNKOWN_ISSUER).这是正确的,因为使用的是traefik默认证书,而不是让我们加密的新证书.可能是什么原因?
What happens now when I want to open up the monitor dashboard is that I get a warning that my connection is not secure. It states that my website is using a self-signed certificate (Error code: SEC_ERROR_UNKOWN_ISSUER). Which is true because the traefik default cert is being used instead of a new one from let's encrypt. What could be the reason for this?
推荐答案
Due to a Let's Encrypt issue (https://community.letsencrypt.org/t/important-what-you-need-to-know-about-tls-sni-validation-issues/50811) you must change your acme
configuration:
- Træfik1.4:使用DNS挑战 https://docs.traefik .io/v1.4/configuration/acme/#dnsprovider
- Træfik1.5:使用HTTP挑战 https://docs.traefik .io/v1.5/configuration/acme/#acmehttpchallenge 或DNS挑战
- Træfik 1.4: use the DNS challenge https://docs.traefik.io/v1.4/configuration/acme/#dnsprovider
- Træfik 1.5: use the HTTP challenge https://docs.traefik.io/v1.5/configuration/acme/#acmehttpchallenge or the DNS challenge https://docs.traefik.io/v1.5/configuration/acme/#acmednschallenge
这篇关于Traefik将颁发证书而不是让我们加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!