Traefik和自定义证书续订

时间:2019-10-09 11:46:14

标签: lets-encrypt traefik traefik-ingress

我有一个由letencrypt生成的特定证书。

在我的traefik配置中,我有:

kind: ConfigMap
apiVersion: v1
metadata:
  name: traefik-config
data:
  traefik.toml: |
    # traefik.toml
    defaultEntryPoints = ["http","https"]
    [entryPoints]
      [entryPoints.http]
      address = ":80"
      [entryPoints.http.redirect]
        entryPoint = "https"
      [entryPoints.https]
      address = ":443"
        [entryPoints.https.tls]
          [[entryPoints.https.tls.certificates]]
          certFile = "/etc/xxx/my-cert.crt"
          keyFile = "/etc/xxx/my-cert.key"

    [acme] # Automatically add Let's Encrypt Certificate.
      storage= "/etc/certificate/acme.json"
      email = "john.doe@company.com"
       entryPoint = "https"
       onHostRule = true
       caServer = "https://acme-v02.api.letsencrypt.org/directory"
        [acme.dnsChallenge]
        provider = "route53"
        delayBeforeCheck = 0
    [[acme.domains]]
      main = "*.company.com"
    #[[acme.domains]]
    #  main = "*.espace-client.company.com"

这是我的证书:

/etc/xxx/my-cert.crt

将在10天后结束。

我也有通配符的证书:*.company.com

traefik会自动更新它还是应该做些什么?

1 个答案:

答案 0 :(得分:0)

根据文档,证书永远不会在10天后终止。一定有问题。

”如果证书还剩不到30天 过期,Traefik将尝试自动更新。”

您应该检查traefik容器的日志:

docker logs traefik-container
相关问题
最新问题