3

我有 3 个节点群,我希望将 TRAEFIK 与 Let'sEncryp 和我自己的由公司 www.tbs-internet.com 生成的证书一起使用。可能吗?目前它适用于 Let's Encrypt,但不适用于我的其他证书。使用配置文件,我在 Traefik 的日志中有以下错误:

time="2017-07-05T12:07:57Z" level=info msg="Preparing server http &{Network: Address::80 TLS:<nil> Redirect:<nil> Auth:0xc420339360 Compress:false}"
time="2017-07-05T12:07:57Z" level=info msg="Preparing server https &{Network: Address::443 TLS:0xc4204fe600 Redirect:<nil> Auth:0xc4203396c0 Compress:false}"
time="2017-07-05T12:07:57Z" level=info msg="Starting server on :80"
time="2017-07-05T12:07:57Z" level=error msg="Error creating TLS config: tls: failed to parse private key"
time="2017-07-05T12:07:57Z" level=fatal msg="Error preparing server: tls: failed to parse private key"

traefik.toml

defaultEntryPoints = ["http", "https"]

[entryPoints]
 [entryPoints.http]
 address = ":80"
 [entryPoints.https]
 address = ":443"
  [entryPoints.https.tls]
   [[entryPoints.https.tls.certificates]]
   CertFile = "/tls/fs/preprod.appx.mydomainA.com.cert"
   KeyFile = "/tls/fs/preprod.appx.mydomainA.com.key"

[acme]
email = "xxxxxxxxxxxxxxxxxxx"
storage = "acme.json"
entryPoint = "https"
onDemand = true

[[acme.domains]]
 main = "admin.mydomainC.com"

[web]
address = ":8080"

Traefik 的 docker-compose.yml

version: '3'

services:
  proxy-prod:
    image: traefik:v1.3.1-alpine
    command: --web --docker --docker.swarmmode --docker.domain=traefik.admin.mydomainC.com --docker.watch --logLevel=DEBUG
    networks:
      - net-prod
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - $PWD/traefik.toml:/traefik.toml
      - "/home/swarm/ssl:/tls"
    deploy:
      mode: global

networks:
 net-prod:
  driver: overlay
  external:
   name: net-prod

app1 的 docker-compose.yml

version: '3'

networks:
 net-prod:
  driver: overlay
  external:
   name: net-prod

services:
  app1:
    image: private/app1
    networks:
      - net-prod
    deploy:
      labels:
        - "traefik.backend=app1"
        - "traefik.frontend.rule=Host:app1.app.mydomainC.com,preprod.appx.mydomainA.com"
        - "traefik.docker.network=net-prod"
        - "traefik.port=9001"
      replicas: 1

你有想法吗 ?

app1 服务有两个 URL:

  • app1.app.mydomainC.com :使用 Let's Encrypt
  • preprod.appx.mydomainA.com :我自己的证书由公司 www.tbs-internet.com 生成
4

0 回答 0