2

我有一个由letsencrypt生成的特定证书。

在我的 traefik 配置中,我有:

kind: ConfigMap
apiVersion: v1
metadata:
  name: traefik-config
data:
  traefik.toml: |
    # traefik.toml
    defaultEntryPoints = ["http","https"]
    [entryPoints]
      [entryPoints.http]
      address = ":80"
      [entryPoints.http.redirect]
        entryPoint = "https"
      [entryPoints.https]
      address = ":443"
        [entryPoints.https.tls]
          [[entryPoints.https.tls.certificates]]
          certFile = "/etc/xxx/my-cert.crt"
          keyFile = "/etc/xxx/my-cert.key"

    [acme] # Automatically add Let's Encrypt Certificate.
      storage= "/etc/certificate/acme.json"
      email = "john.doe@company.com"
       entryPoint = "https"
       onHostRule = true
       caServer = "https://acme-v02.api.letsencrypt.org/directory"
        [acme.dnsChallenge]
        provider = "route53"
        delayBeforeCheck = 0
    [[acme.domains]]
      main = "*.company.com"
    #[[acme.domains]]
    #  main = "*.espace-client.company.com"

事情是我的证书:

/etc/xxx/my-cert.crt

将在 10 天内结束。

我也有通配符的证书:*.company.com

traefik 会自动更新它还是我应该做些什么?

4

1 回答 1

0

根据文档,证书永远不会在 10 天内结束。一定有什么问题。

“如果距离证书过期还有不到 30 天的时间,Traefik 将尝试自动更新它。”

您应该检查 traefik 容器的日志:

docker logs traefik-container
于 2020-03-03T12:50:55.597 回答