Problem obtaining an SSL certificate

Time: 2018-01-23 21:58:03

Tags: ssl docker-compose lets-encrypt traefik

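Background

I am trying to set up the traefik dashboard so that it is accessible at sub.domain.com and automatically secured with a Let's Encrypt SSL certificate. Using the configuration files below, I have successfully set up the container and can access the dashboard via https://sub.domain.com.

I have multiple A records pointing to the same IP, which is a VPS: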

  • sub.domain.com
  • server1.domain.com

Problem

After loading the dashboard page, I get an untrusted certificate error.

LOGS & CONFIGS

  • Inspecting the Traefik dashboard certificate shows that it is the Traefik self-signed certificate.
  • Looking at the container logs, I can see the following:

    time="2018-01-23T04:47:53Z" level=info msg="Generating ACME Account..."
    time="2018-01-23T04:48:11Z" level=debug msg="Building ACME client..."
    time="2018-01-23T04:48:11Z" level=info msg=Register...
    time="2018-01-23T04:48:12Z" level=debug msg=AgreeToTOS...
    time="2018-01-23T04:48:12Z" level=info msg="Preparing server traefik &{Network: Address::8080 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc4202a2940} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
    time="2018-01-23T04:48:12Z" level=info msg="Retrieving ACME certificates..."
    time="2018-01-23T04:48:12Z" level=info msg="Retrieved ACME certificates"
    time="2018-01-23T04:48:12Z" level=info msg="Starting provider *docker.Provider {"Watch":true,"Filename":"","Constraints":null,"Trace":false,"DebugLogGeneratedTemplate":false,"Endpoint":"unix:///var/run/docker.sock","Domain":"bendwyer.net","TLS":null,"ExposedByDefault":false,"UseBindPortIP":false,"SwarmMode":false}"
    time="2018-01-23T04:48:12Z" level=info msg="Starting server on :443"
    time="2018-01-23T04:48:12Z" level=info msg="Starting server on :8080"
    time="2018-01-23T04:48:12Z" level=info msg="Testing certificate renew..."

  • Checking acme.json, I can see that the file has been populated with Let's Encrypt information, but the certificate section is blank.

traefik.toml

    defaultEntryPoints = ["http", "https"]
    debug = true

    [entryPoints]
      [entryPoints.http]
      address = ":80"
        [entryPoints.http.redirect]
        entryPoint = "https"
      [entryPoints.https]
      address = ":443"
        [entryPoints.https.tls]

    [acme]
    email = "name@domain.com"
    storage = "acme.json"
    entryPoint = "https"
      [acme.httpChallenge]
      entryPoint = "http"
      OnHostRule = true

    [docker]
    endpoint = "unix:///var/run/docker.sock"
    domain = "domain.com"
    watch = true
    exposedbydefault = false

docker-compose.yml

1 answer:

Answer 0: (score: 0)

You have to change your configuration:

[acme]
email = "name@domain.com"
storage = "acme.json"
entryPoint = "https"
OnHostRule = true # <-----------  
[acme.httpChallenge]
  entryPoint = "http"
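
The answer's change moves `OnHostRule` out of `[acme.httpChallenge]` and up into `[acme]`; in TOML a key belongs to the most recent `[table]` header above it, whatever its indentation. The check below is an added example, not part of the original answer or of Traefik, and reports which table the key actually lands in. The function names and the simplified line-based scan are assumptions made for illustration.

```python
import re

# Simplified scan (assumption: one key or [table] header per line, no
# multi-line strings or inline tables), enough for a traefik.toml like the page's.
TABLE = re.compile(r"^\s*\[([^\[\]]+)\]\s*(?:#.*)?$")
KEY = re.compile(r"^\s*([A-Za-z0-9_-]+)\s*=")

def key_tables(toml_text, key):
    """Return every table in which `key` is assigned ('' means top level)."""
    table, found = "", []
    for line in toml_text.splitlines():
        header = TABLE.match(line)
        if header:
            table = header.group(1).strip()  # indentation is irrelevant in TOML
            continue
        assignment = KEY.match(line)
        # Case-insensitive compare so a differently cased spelling is still found.
        if assignment and assignment.group(1).lower() == key.lower():
            found.append(table)
    return found

def check_on_host_rule(toml_text):
    """Return findings; an empty list means OnHostRule sits directly under [acme]."""
    tables = key_tables(toml_text, "OnHostRule")
    if "acme" in tables:
        return []
    if not tables:
        return ["OnHostRule is not set anywhere"]
    return [f"OnHostRule is set under [{t}], not [acme]" for t in tables]

# Constructed from the page: the question's [acme] section and the answer's fix.
QUESTION_CONFIG = """
[acme]
storage = "acme.json"
entryPoint = "https"
  [acme.httpChallenge]
  entryPoint = "http"
  OnHostRule = true
"""
ANSWER_CONFIG = """
[acme]
storage = "acme.json"
entryPoint = "https"
OnHostRule = true # <-----------
[acme.httpChallenge]
  entryPoint = "http"
"""
if __name__ == "__main__":
    for name, text in (("question", QUESTION_CONFIG), ("answer", ANSWER_CONFIG)):
        print(name, check_on_host_rule(text) or "ok")
```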