Я возился с Traefik несколько часов и нахожу его чрезвычайно интересным. Однако столкнулся с проблемой, которую не могу решить самостоятельно.
Это очень простая настройка, я просто пытаюсь протестировать перенаправление с HTTP на HTTPS и мои SSL-сертификаты.
У меня есть следующее docker-compose.yml
version: '2'
services:
traefik:
image: traefik:v1.3.7-alpine
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:z
- /opt/dockerapp/rocketchat/traefik/traefik.toml:/etc/traefik/traefik.toml:ro,z
- /opt/dockerapp/rocketchat/traefik/ssl:/etc/traefik/ssl/:ro,z
command: --logLevel=DEBUG
My traefik.toml is
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
CertFile = "ssl/mycert.pem"
KeyFile = "ssl/mycert.key"
[docker]
domain = "docker.local"
watch = true
[web]
address = ":8080"
Однако, когда я пытаюсь запустить его:
docker-compose up
Starting rocketchat_traefik_1
Attaching to rocketchat_traefik_1
traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Traefik version v1.3.7 built on 2017-08-25_08:56:06PM"
traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Using TOML configuration file /etc/traefik/traefik.toml"
traefik_1 | time="2017-08-29T13:45:55Z" level=debug msg="Global configuration loaded {"GraceTimeOut":10000000000,"Debug":false,"CheckNewVersion":true,"AccessLogsFile":"","TraefikLogsFile":"","LogLevel":"DEBUG","EntryPoints":{"http":{"Network":"","Address":":80","TLS":null,"Redirect":{"EntryPoint":"https","Regex":"","Replacement":""},"Auth":null,"Compress":false},"https":{"Network":"","Address":":443","TLS":{"MinVersion":"","CipherSuites":null,"Certificates":[{"CertFile":"ssl/mycert.pem","KeyFile":"ssl/mycert.key"}],"ClientCAFiles":null},"Redirect":null,"Auth":null,"Compress":false}},"Cluster":null,"Constraints":[],"ACME":null,"DefaultEntryPoints":["http","https"],"ProvidersThrottleDuration":2000000000,"MaxIdleConnsPerHost":200,"IdleTimeout":180000000000,"InsecureSkipVerify":false,"Retry":null,"HealthCheck":{"Interval":30000000000},"Docker":{"Watch":true,"Filename":"","Constraints":null,"Endpoint":"unix:///var/run/docker.sock","Domain":"docker.local","TLS":null,"ExposedByDefault":true,"UseBindPortIP":false,"SwarmMode":false},"File":null,"Web":{"Address":":8080","CertFile":"","KeyFile":"","ReadOnly":false,"Statistics":null,"Metrics":null,"Path":"","Auth":null},"Marathon":null,"Consul":null,"ConsulCatalog":null,"Etcd":null,"Zookeeper":null,"Boltdb":null,"Kubernetes":null,"Mesos":null,"Eureka":null,"ECS":null,"Rancher":null,"DynamoDB":null}"
traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Preparing server http &{Network: Address::80 TLS:<nil> Redirect:0xc4202f4ea0 Auth:<nil> Compress:false}"
traefik_1 | time="2017-08-29T13:45:55Z" level=info msg="Preparing server https &{Network: Address::443 TLS:0xc42032c000 Redirect:<nil> Auth:<nil> Compress:false}"
traefik_1 | time="2017-08-29T13:45:55Z" level=error msg="Error creating TLS config: tls: failed to find any PEM data in certificate input"
traefik_1 | time="2017-08-29T13:45:55Z" level=fatal msg="Error preparing server: tls: failed to find any PEM data in certificate input"
rocketchat_traefik_1 exited with code 1
Что, похоже, указывает на то, что с моим сертификатом что-то не так. Я точно знаю, что с сертификатом все в порядке, это подстановочный сертификат, который мы успешно используем с Apache и NGINX.
Я уже проверил этот возможный ответ, но и сертификат, и закрытый ключ соответствуют этим параметрам.
Кто-нибудь может пролить свет?
Спасибо!
