Error creating TLS config (v1.3.7)

我怕爱的太早我们不能终老 提交于 2019-12-11 17:13:53

问题


I've been fiddling with Traefik for a few hours and find it extremely interesting. However, I've ran into a problem that I can't seem to solve by myself.

It's a very simple setup, just trying to test the HTTP to HTTPS redirection and my SSL certificates.

I have the following docker-compose.yml

version: '2'

    services:
      traefik:
        image: traefik:v1.3.7-alpine
        ports:
          - "80:80"
          - "443:443"
          - "8080:8080"
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock:z
          - /opt/dockerapp/rocketchat/traefik/traefik.toml:/etc/traefik/traefik.toml:ro,z
          - /opt/dockerapp/rocketchat/traefik/ssl:/etc/traefik/ssl/:ro,z
        command: --logLevel=DEBUG

My traefik.toml is

defaultEntryPoints = ["http", "https"]
[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
      [[entryPoints.https.tls.certificates]]
        CertFile = "ssl/mycert.pem"
        KeyFile = "ssl/mycert.key"
[docker]
domain = "docker.local"
watch = true

[web]
address = ":8080"

However, when I try to run it:

docker-compose up
Starting rocketchat_traefik_1
Attaching to rocketchat_traefik_1
traefik_1  | time="2017-08-29T13:45:55Z" level=info msg="Traefik version v1.3.7 built on 2017-08-25_08:56:06PM" 
traefik_1  | time="2017-08-29T13:45:55Z" level=info msg="Using TOML configuration file /etc/traefik/traefik.toml" 
traefik_1  | time="2017-08-29T13:45:55Z" level=debug msg="Global configuration loaded {"GraceTimeOut":10000000000,"Debug":false,"CheckNewVersion":true,"AccessLogsFile":"","TraefikLogsFile":"","LogLevel":"DEBUG","EntryPoints":{"http":{"Network":"","Address":":80","TLS":null,"Redirect":{"EntryPoint":"https","Regex":"","Replacement":""},"Auth":null,"Compress":false},"https":{"Network":"","Address":":443","TLS":{"MinVersion":"","CipherSuites":null,"Certificates":[{"CertFile":"ssl/mycert.pem","KeyFile":"ssl/mycert.key"}],"ClientCAFiles":null},"Redirect":null,"Auth":null,"Compress":false}},"Cluster":null,"Constraints":[],"ACME":null,"DefaultEntryPoints":["http","https"],"ProvidersThrottleDuration":2000000000,"MaxIdleConnsPerHost":200,"IdleTimeout":180000000000,"InsecureSkipVerify":false,"Retry":null,"HealthCheck":{"Interval":30000000000},"Docker":{"Watch":true,"Filename":"","Constraints":null,"Endpoint":"unix:///var/run/docker.sock","Domain":"docker.local","TLS":null,"ExposedByDefault":true,"UseBindPortIP":false,"SwarmMode":false},"File":null,"Web":{"Address":":8080","CertFile":"","KeyFile":"","ReadOnly":false,"Statistics":null,"Metrics":null,"Path":"","Auth":null},"Marathon":null,"Consul":null,"ConsulCatalog":null,"Etcd":null,"Zookeeper":null,"Boltdb":null,"Kubernetes":null,"Mesos":null,"Eureka":null,"ECS":null,"Rancher":null,"DynamoDB":null}" 
traefik_1  | time="2017-08-29T13:45:55Z" level=info msg="Preparing server http &{Network: Address::80 TLS:<nil> Redirect:0xc4202f4ea0 Auth:<nil> Compress:false}" 
traefik_1  | time="2017-08-29T13:45:55Z" level=info msg="Preparing server https &{Network: Address::443 TLS:0xc42032c000 Redirect:<nil> Auth:<nil> Compress:false}" 
traefik_1  | time="2017-08-29T13:45:55Z" level=error msg="Error creating TLS config: tls: failed to find any PEM data in certificate input" 
traefik_1  | time="2017-08-29T13:45:55Z" level=fatal msg="Error preparing server: tls: failed to find any PEM data in certificate input" 
rocketchat_traefik_1 exited with code 1

Which seems to indicate there's something wrong with my certificate. I know for sure the certificate is fine, it's a wildcard certificate we're using successfully with Apache and NGINX.

I've already checked this possible answer, but both the certificate and the private key match those parameters.

Can anybody shed some light?

Thanks!


回答1:


Looks like traefik is not finding your certificates. Try putting an absolute path for CertFile and KeyFile such as:

defaultEntryPoints = ["http", "https"]
[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
      [[entryPoints.https.tls.certificates]]
        CertFile = "/etc/traefik/ssl/mycert.pem"
        KeyFile = "/etc/traefik/ssl/mycert.key"
[docker]
domain = "docker.local"
watch = true

[web]
address = ":8080"


来源:https://stackoverflow.com/questions/45940935/error-creating-tls-config-v1-3-7

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!