Letsencrypt + Docker + Nginx [英] Letsencrypt + Docker + Nginx

问题描述

我指的是此链接 https://miki725.github.io/docker/crypto/2017/01/29/docker+nginx+letsencrypt.html 在与docker一起运行的我的应用上启用SSL.所以这里的问题是当我运行以下命令时

I am referring this link https://miki725.github.io/docker/crypto/2017/01/29/docker+nginx+letsencrypt.html to enable SSL on my app which is running along with docker. So the problem here is when I run the below command

  docker run -it --rm \
  -v certs:/etc/letsencrypt \
  -v certs-data:/data/letsencrypt \
  deliverous/certbot \
  certonly \
  --webroot --webroot-path=/data/letsencrypt \
  -d api.mydomain.com

它抛出一个错误:

Failed authorization procedure. api.mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://api.mydomain.com/.well-known/acme-challenge/OCy4HSmhDwb2dtBEjZ9vP3HgjVXDPeghSAdqMFOFqMw:

所以任何人都可以帮助我，让我知道我是否缺少某些东西或做错了什么.

So can any one please help me and let me know if I am missing something or doing something wrong.

推荐答案

该文章以及您的设置中似乎缺少的是主机名 api.mydomain.com 必须有一个公用DNS记录，指向运行Nginx容器的机器的IP地址.

What seems to be missing from that article and possibly from your setup is that the hostname api.mydomain.com needs to have a public DNS record pointing to the IP address of the machine on which the Nginx container is running.

让我们加密"进程正在尝试访问文件 api.mydomain.com/.well-known/acme-challenge/OCy4HSmhDwb2dtBEjZ9vP3HgjVXDPeghSAdqMFOFqMw .该文件由 certbot 放置在此处.如果地址 api.mydomain.com 没有解析为运行certbot的计算机的地址，则该过程将失败.

The Let's Encrypt process is trying to access the file api.mydomain.com/.well-known/acme-challenge/OCy4HSmhDwb2dtBEjZ9vP3HgjVXDPeghSAdqMFOFqMw. This file is put there by certbot. If the address api.mydomain.com does not resolve to the address of the machine from which you are running certbot then the process will fail.

您还需要打开端口80和443才能工作.

You will also need to have ports 80 and 443 open for it to work.

根据可获得的信息，这是我最好的建议，可以帮助您从哪里开始解决问题.

Based on the available info that is my best suggestion on where you can start looking to resolve the issue.

这篇关于Letsencrypt + Docker + Nginx的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！