时间戳

首页 > 解决方案 > Traefik 与 LetsEncrypt 通配符和 Dyn DNS

lets-encrypt - Traefik 与 LetsEncrypt 通配符和 Dyn DNS

问题描述

我正在尝试使用 LetsEncrypt 的通配符证书设置 traefik。

在 Traefik 中使用 LetsEncrypt 的 dyn 提供程序时,我收到以下错误消息:

reverse-proxy_1  | time="2018-05-01T20:19:12Z" level=debug msg="Building ACME client..."
reverse-proxy_1  | time="2018-05-01T20:19:12Z" level=debug msg="https://acme-v02.api.letsencrypt.org/directory"
reverse-proxy_1  | time="2018-05-01T20:19:12Z" level=info msg=Register...
reverse-proxy_1  | time="2018-05-01T20:19:13Z" level=debug msg="Using DNS Challenge provider: dyn"
reverse-proxy_1  | time="2018-05-01T20:19:13Z" level=error msg="Unable to obtain ACME certificate for domains \"'*.lb.ops.example.net'\" : domains ['*.lb.ops.example.net'] generate certificate with no value: {    [] [] [] []}"

当我查看生成的 acme.json 时,我看到:

{
  "Account": {
    "Email": "my.name@example.com",
    "Registration": {
      "body": {
        "status": "valid",
        "contact": [
          "mailto:my.name@example.com"
        ]
      },
      "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/34263018"
    },
    "PrivateKey": "MIIJKAIBAAKCAgEAsvImYVFqq [trimmed info] BPLMwF7E1F2GJg61qYJ4a0="
  },
  "Certificates": null,
  "HTTPChallenges": null
}

我在 docker-compose.yml 中使用以下内容:

  reverse-proxy:
    command:
    - --debug
    - --logLevel=DEBUG
    - --acme.dnschallenge=true
    - --acme.dnschallenge.provider=dyn
    - --acme.domains='*.lb.ops.example.net'
    - --acme.email=my.name@example.com
    - --acme.entryPoint=https
    - --acme.storage=/etc/traefik/acme/acme.json
    - --defaultentrypoints=http,https
    - --entrypoints=Name:http Address::80 Redirect.EntryPoint:https
    - --entrypoints=Name:https Address::443 TLS
    - --web
    depends_on:
    - consul
    environment:
      DYN_CUSTOMER_NAME: mycompanyname
      DYN_PASSWORD: a-reasonable-password
      DYN_USER_NAME: aserviceaccountname
    image: traefik:1.6
    links:
    - consul
    ports:
    - published: 80
      target: 80
    - published: 443
      target: 443
    - published: 8080
      target: 8080
    volumes:
    - /tmp/acme:/etc/traefik/acme:rw
    - /tmp/traefik:/var/log/traefik:rw

标签: lets-encrypttraefik

解决方案

推荐阅读