Docker Traefik V2.2.1-除Traefik服务外的所有服务返回[NET::ERR\u CERT\u AUTHORITY\u INVALID]并使用[Traefik DEFAULT CERT]
我决定将traefik的版本从1.7.x升级到2.2.1。 因此,我遵循了上述解决方案()的指导原则,以便2.2.1版中的traefik能够工作。 Traefik v2.2.1运行正常,并正确地将http端口重定向到https。 但是,whoami服务会从http端口重定向到https,但会显示以下消息:Docker Traefik V2.2.1-除Traefik服务外的所有服务返回[NET::ERR\u CERT\u AUTHORITY\u INVALID]并使用[Traefik DEFAULT CERT],docker,ssl,traefik,Docker,Ssl,Traefik,我决定将traefik的版本从1.7.x升级到2.2.1。 因此,我遵循了上述解决方案()的指导原则,以便2.2.1版中的traefik能够工作。 Traefik v2.2.1运行正常,并正确地将http端口重定向到https。 但是,whoami服务会从http端口重定向到https,但会显示以下消息: WHOAMI return NET :: ERR_CERT_AUTHORITY_INVALID TRAEFIK DEFAULT CERT 我想知道如何解决这个问题。 我查看了traefik
WHOAMI return
NET :: ERR_CERT_AUTHORITY_INVALID
TRAEFIK DEFAULT CERT
我想知道如何解决这个问题。
我查看了traefik文档,但没有发现任何错误。我更改了此部分
- "traefik.http.routers.whoami.rule=Host(`whoami.ehpop.com.br`, `www.whoami.ehpop.com.br`)"
- "traefik.http.routers.whoami-secure.rule=Host(`whoami.ehpop.com.br`, `www.whoami.ehpop.com.br`)"
为了这个
- "traefik.http.routers.whoami.rule=Host(`whoami.ehpop.com.br`)"
- "traefik.http.routers.whoami-secure.rule=Host(`whoami.ehpop.com.br`)"
成功了 你已经解决了这个问题。我认为有一个问题,由于二度子域。
############################################
Files and settings I'm using:
############################################
############################################
[Traefik v2.] - docker-compose.yml with httpChallenge
############################################
version: '3.7'
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik.yml:/traefik.yml:ro
- ./acme.json:/acme.json
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.traefik-auth.basicauth.users=admin:$$password"
- "traefik.http.routers.traefik.rule=Host(`traefik.ehpop.com.br`)"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.ehpop.com.br`)"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.permanent=true"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api@internal"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
networks:
proxy:
external: true
############################################
[Traefik v2.] - traefik.yml with httpChallenge
############################################
api:
dashboard: true
# Writing Logs to a File, in JSON
log:
level: DEBUG
filePath: "log-file.log"
format: json
# Configuring a buffer of 100 lines
accessLog:
filePath: "log-access.log"
bufferingSize: 100
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
certificatesResolvers:
http:
acme:
email: naugustijr@gmail.com
storage: acme.json
httpChallenge:
entryPoint: http
############################################
[Traefik v2.] - whoami - docker-compose.yml
############################################
version: '3.7'
services:
whoami:
image: containous/whoami
container_name: whoami
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.entrypoints=http"
- "traefik.http.routers.whoami.rule=Host(`whoami.ehpop.com.br`, `www.whoami.ehpop.com.br`)"
- "traefik.http.middlewares.whoami-https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.whoami-https-redirect.redirectscheme.permanent=true"
- "traefik.http.routers.whoami.middlewares=whoami-https-redirect"
- "traefik.http.routers.whoami-secure.entrypoints=https"
- "traefik.http.routers.whoami-secure.rule=Host(`whoami.ehpop.com.br`, `www.whoami.ehpop.com.br`)"
- "traefik.http.routers.whoami-secure.tls=true"
- "traefik.http.routers.whoami-secure.tls.certresolver=http"
- "traefik.http.routers.whoami-secure.service=whoami"
- "traefik.http.services.whoami.loadbalancer.server.port=80"
- "traefik.docker.network=proxy"
networks:
proxy:
external: true
- "traefik.http.routers.whoami.rule=Host(`whoami.ehpop.com.br`, `www.whoami.ehpop.com.br`)"
- "traefik.http.routers.whoami-secure.rule=Host(`whoami.ehpop.com.br`, `www.whoami.ehpop.com.br`)"
- "traefik.http.routers.whoami.rule=Host(`whoami.ehpop.com.br`)"
- "traefik.http.routers.whoami-secure.rule=Host(`whoami.ehpop.com.br`)"