创buildTLSconfiguration时出错(v1.3.7)
我一直在摆弄Traefik几个小时,发现它非常有趣。 但是,我遇到了一个我自己无法解决的问题。
这是一个非常简单的设置,只是试图testingHTTP到HTTPSredirect和我的SSL证书。
我有以下docker-compose.yml
version: '2' services: traefik: image: traefik:v1.3.7-alpine ports: - "80:80" - "443:443" - "8080:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock:z - /opt/dockerapp/rocketchat/traefik/traefik.toml:/etc/traefik/traefik.toml:ro,z - /opt/dockerapp/rocketchat/traefik/ssl:/etc/traefik/ssl/:ro,z command: --logLevel=DEBUG
我的traefik.toml是
defaultEntryPoints = ["http", "https"] [entryPoints] [entryPoints.http] address = ":80" [entryPoints.http.redirect] entryPoint = "https" [entryPoints.https] address = ":443" [entryPoints.https.tls] [[entryPoints.https.tls.certificates]] CertFile = "ssl/mycert.pem" KeyFile = "ssl/mycert.key" [docker] domain = "docker.local" watch = true [web] address = ":8080"
但是,当我尝试运行它时:
docker-compose up Starting rocketchat_traefik_1 Attaching to rocketchat_traefik_1 traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Traefik version v1.3.7 built on 2017-08-25_08:56:06PM" traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Using TOML configuration file /etc/traefik/traefik.toml" traefik_1 | time="2017-08-29T13:45:55Z" level=debug msg="Global configuration loaded {"GraceTimeOut":10000000000,"Debug":false,"CheckNewVersion":true,"AccessLogsFile":"","TraefikLogsFile":"","LogLevel":"DEBUG","EntryPoints":{"http":{"Network":"","Address":":80","TLS":null,"Redirect":{"EntryPoint":"https","Regex":"","Replacement":""},"Auth":null,"Compress":false},"https":{"Network":"","Address":":443","TLS":{"MinVersion":"","CipherSuites":null,"Certificates":[{"CertFile":"ssl/mycert.pem","KeyFile":"ssl/mycert.key"}],"ClientCAFiles":null},"Redirect":null,"Auth":null,"Compress":false}},"Cluster":null,"Constraints":[],"ACME":null,"DefaultEntryPoints":["http","https"],"ProvidersThrottleDuration":2000000000,"MaxIdleConnsPerHost":200,"IdleTimeout":180000000000,"InsecureSkipVerify":false,"Retry":null,"HealthCheck":{"Interval":30000000000},"Docker":{"Watch":true,"Filename":"","Constraints":null,"Endpoint":"unix:///var/run/docker.sock","Domain":"docker.local","TLS":null,"ExposedByDefault":true,"UseBindPortIP":false,"SwarmMode":false},"File":null,"Web":{"Address":":8080","CertFile":"","KeyFile":"","ReadOnly":false,"Statistics":null,"Metrics":null,"Path":"","Auth":null},"Marathon":null,"Consul":null,"ConsulCatalog":null,"Etcd":null,"Zookeeper":null,"Boltdb":null,"Kubernetes":null,"Mesos":null,"Eureka":null,"ECS":null,"Rancher":null,"DynamoDB":null}" traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Preparing server http &{Network: Address::80 TLS:<nil> Redirect:0xc4202f4ea0 Auth:<nil> Compress:false}" traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Preparing server https &{Network: Address::443 TLS:0xc42032c000 Redirect:<nil> Auth:<nil> Compress:false}" traefik_1 | time="2017-08-29T13:45:55Z" level=error msg="Error creating TLS config: tls: failed to find any PEM data in certificate input" traefik_1 | time="2017-08-29T13:45:55Z" level=fatal msg="Error preparing server: tls: failed to find any PEM data in certificate input" rocketchat_traefik_1 exited with code 1
这似乎表明我的证书有问题。 我当然知道证书是好的,这是我们用Apache和NGINX成功使用的通配符证书。
我已经检查过这个可能的答案 ,但是证书和私钥都与这些参数相匹配。
任何人都可以点亮一下吗?
谢谢!
看起来像traefik没有find你的证书。 尝试把CertFile和KeyFile的绝对path,例如:
defaultEntryPoints = ["http", "https"] [entryPoints] [entryPoints.http] address = ":80" [entryPoints.http.redirect] entryPoint = "https" [entryPoints.https] address = ":443" [entryPoints.https.tls] [[entryPoints.https.tls.certificates]] CertFile = "/etc/traefik/ssl/mycert.pem" KeyFile = "/etc/traefik/ssl/mycert.key" [docker] domain = "docker.local" watch = true [web] address = ":8080"