Lio*_*ion 2 ssl lets-encrypt traefik
I'm using traefik for providing some services on my NAS with https using lets encrypt. Now I noticed that the tls certs of my nextcloud installation expired yesterday evening. Traefik had logs like this:
time="2018-08-31T22:43:08Z" level=error msg="Error getting ACME client: ACME client still not built, retrying in 6.83135832s"
time="2018-08-31T22:43:15Z" level=error msg="Error getting ACME client: ACME client still not built, retrying in 12.680203952s"
time="2018-08-31T22:43:28Z" level=error msg="Error getting ACME client: ACME client still not built"
I updated to v1.7 but now the error is different:
time="2018-09-01T07:42:44Z" level=error msg="Unable to obtain ACME certificate for domains \"my.domain\" detected thanks to rule \"Host:cloud.dnas.one\" : cannot get ACME client ACME challenge not specified, please select TLS or HTTP or DNS Challenge"
This message is posted for every domain, internal as well as externals. Couldn't find much information about this issue.
defaultEntryPoints = ["http", "https"]
idleTimeout = 0
dialTimeout = 0
logLevel = "WARN"
[entryPoints]
[entryPoints.http]
address = ":80"
#entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
# Lets Encrypt via ACME
[acme]
email = "my@email.de"
storage = "acme.json"
entryPoint = "https"
onDemand = false
OnHostRule = true
caServer = "https://acme-v02.api.letsencrypt.org/directory"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "nas.one"
watch = true
您的traefik.toml文件尚未指定用于从Let's Encrypt获取证书的质询方法。1.7错误消息对此更加清楚。
如果要使用HTTP质询,请添加以下行:
[acme.httpChallenge]
entryPoint = "http"
如果要使用DNS质询(如果要使用通配符证书,则为必填项),请添加以下行:
[acme.dnsChallenge]
provider = "YOURPROVIDER"
delayBeforeCheck = 0
检查文档以了解其余的配置。
| 归档时间: |
|
| 查看次数: |
6619 次 |
| 最近记录: |