错误与证书

时间:2020-06-24 22:51:41

标签: docker ssl traefik

我对traefik1.7证书有疑问。我想使用tls证书。我不想使用[acme],因此我有一些带有不同端口的入口点。 acme无法与某些入口点一起使用。对我来说这是个问题。

看,我有下一个配置:

logLevel = "DEBUG"

defaultEntryPoints = ["http", "https", "auth"]

[web]
# Port for the status page
address = ":8080"

# Entrypoints, http and https
[entryPoints]
  # http should be redirected to https
  [entryPoints.http]
    address = ":80"
    [entryPoints.http.redirect]
      entryPoint = "https"
  # https is the default
  [entryPoints.https]
    address = ":443"
    [entryPoints.https.tls]
     [[entryPoints.https.tls.certificates]]
       certFile = "/certs/l.f.p.cert"
       keyFile = "/certs/l.f.p.key"
 [entryPoints.auth]
   address = ":61295"
   [entryPoints.auth.tls]
    [[entryPoints.auth.tls.certificates]]
       certFile = "/certs/l.f.p.cert"
       keyFile = "/certs/l.f.p.key"



# [acme]
# email = "h@bk.ru"
# storageFile = "/etc/traefik/acme/acme.json"
# entryPoint = "https"


[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "l.f.p"
watch = true
exposedbydefault = false

我使用此命令生成证书,并将所有设置设置为默认设置(按Enter键):

openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out l.f.p.cert -keyout l.f.p.key

启动docker-compose之后,我在浏览器中转到a-s-s.f.p:61295,然后下一次登录traefik:

reverse-proxy_1 | time="2020-06-24T07:52:48Z" level=debug msg="http: TLS handshake error from 109.252.101.42:2500: remote error: tls: unknown certificate"

我想将https与tls证书一起使用。但是我看到http而不是a-s-s.f.p:61295

的https

我使用docker-compose进行部署。我有下一个docker-compose:

reverse-proxy:
        image: traefik:1.7.24
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - ./traefik/traefik.toml:/etc/traefik/traefik.toml:ro
            - ./traefik/certs/:/certs/
        networks:
            - web
        ports:
            - "80:80"
            - "443:443"
            - "61295:61295"
            - "41371:41371"
            - "51229:51229"
            - "50100:50100"
            - "37247:37247"
    grader-v2-auth-service-stage:
        env_file:
            - test.env
        image: "84.1.9.0:443/grader-v2-auth-service:1.1.1"
        restart: always
        networks:
            - web
        labels:
            - "traefik.enable=true"
            - "traefik.backend=grader-v2-auth-service-stage"
            - "traefik.frontend.rule=Host:a-s-s.f.p"
            - "traefik.port=61295"
            - "traefik.docker.network=web"

如何解决此问题?

0 个答案:

没有答案