Traefik - 不能使用自签名证书

时间:2017-12-19 15:22:18

标签: ssl-certificate traefik

我想使用dockertraefik自签名证书,但我收到此错误:

  

time =“2017-12-19T15:08:34Z”level = info msg =“使用TOML配置   档案/etc/traefik/traefik.toml“time =”2017-12-19T15:08:34Z“   level = error msg =“创建TLS配置时出错:tls:找不到任何错误   证书输入中的PEM数据“time =”2017-12-19T15:08:34Z“   level = fatal msg =“准备服务器时出错:tls:找不到任何PEM   证书输入中的数据“

泊坞:

docker run --name traefik --hostname traefik -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/etc/traefik/traefik.toml -v /var/run/docker.sock:/var/run/docker.sock traefik

Traefik.toml

defaultEntryPoints = ["https"]
[entryPoints]
  [entryPoints.http]
  address = ":80"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
      [[entryPoints.https.tls.certificates]]
      certFile = "/home/user/traefik/ssl/ca1.crt"
      keyFile = "/home/user/traefik/ssl/ca1.key"
[web]
address = ":8080"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "domain.pt"
watch = true
swarmmode = true
exposedbydefault = false

我做错了什么?

1 个答案:

答案 0 :(得分:3)

我在使用CertFile的路径混淆了Traefik.toml中的一个关键文件。我需要在我的traefik容器中为证书添加一个卷,指出我的主机文件和docker容器的路径,我放在Traefik.toml中。所以:

docker run -d --name traefik --hostname traefik -p 8080:8080 -p 80:80 -p 443:443 -v $PWD/ssl/:/home/user/traefik/ssl/ -v $PWD/traefik.toml:/etc/traefik/traefik.toml -v /var/run/docker.sock:/var/run/docker.sock traefik

总结,我需要创建一个这样的卷:

  

-v LOCAL_PATH_OF_YOUR_CERTS:CERT_AND_KEY_PATH_OF_TRAEFIK.TOML