我正在尝试设置traefik以及本教程:https://www.digitalocean.com/community/tutorials/how-to-use-traefik-as-a-reverse-proxy-for-docker-containers-on-ubuntu-16-04
这是我正在使用的traefik.toml:
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[web]
address = ":8080"
[web.auth.basic]
users = [myuserandpw]
[acme]
email = "myemailadress"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
onDemand = false
现在,当我想打开监视器仪表板时发生的事情是我收到警告,说我的连接不安全 . 它声明我的网站使用的是自签名证书(错误代码:SEC_ERROR_UNKOWN_ISSUER) . 这是真的,因为正在使用traefik默认证书而不是来自let加密的新证书 . 这可能是什么原因?
1 回答
由于Let的加密问题(https://community.letsencrypt.org/t/important-what-you-need-to-know-about-tls-sni-validation-issues/50811),您必须更改
acme
配置:Træfik1.4:使用DNS挑战https://docs.traefik.io/v1.4/configuration/acme/#dnsprovider
Træfik1.5:使用HTTP质询https://docs.traefik.io/configuration/acme/#acmehttpchallenge或DNS质询https://docs.traefik.io/configuration/acme/#acmednschallenge