刷新让我们在 docker 容器中加密根 CA [英] Refresh Lets encrypt root CA in docker container

查看:45
本文介绍了刷新让我们在 docker 容器中加密根 CA的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在我的 docker 容器中运行 debian 9,今天我无法更新 Lets encrypt 容器内的根证书.在主机 Ubuntu 20 上,一切正常,无需我的干预,但在我的 debian 容器上,我无法获得新的根 Lets Encrypt 证书,只有从头开始的娱乐容器有帮助.我尝试了 update-ca-certificates --fresh,但没有帮助.有什么想法吗?

I'm running debian 9 in my docker container and today I was not able to update root certificate for Lets encrypt inside container. On host Ubuntu 20 everything worked without any my intervention, but on my debian container I was not able to get new root Lets Encrypt certificate, only recreation container from scratch helped. I tried update-ca-certificates --fresh, but it didn't help. Any ideas?

由于 Lets Encrypt 证书从容器内部对 https 服务的此问题请求失败,并出现SSL 证书问题:证书已过期",因为 Lets Encrypt 的根证书今天已过期(2021 年 9 月 30 日)

Due this issue request from inside container towards https services with Lets Encrypt certificate failed with "SSL certificate problem: certificate has expired", because root certificate of Lets Encrypt expired today (September 30, 2021)

推荐答案

首先尝试从/etc/ca-certificates.conf 中的列表中删除旧证书:

Try first to remove the old certificate from your list in /etc/ca-certificates.conf:

sed -i 's#mozilla/DST_Root_CA_X3.crt#!mozilla/DST_Root_CA_X3.crt#g' /etc/ca-certificates.conf
update-ca-certificates --fresh

这篇关于刷新让我们在 docker 容器中加密根 CA的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆