Traefik https后端通信导致x509:证书对127.0.0.1有效<Container IP>
[英]Traefik https backend communication causes x509: certificate is valid for 127.0.0.1 not <Container IP>
问题描述
Using Traefik, I have a https backend which is a docker container running webpack devserver in https mode - ie the devserver is generating a self signed ssl certificate. 
使用Traefik,我有一个https后端,它是一个以https模式运行webpack devserver的docker容器-即devserver正在生成一个自签名的ssl证书。
While access I get x509: certificate is valid for 127.0.0.1 not #backendContainerIP#. 访问时得到x509:证书对127.0.0.1有效,而不对#backendContainerIP#有效。
I have tried setting label ' traefik.frontend.auth.forward.tls.insecureSkipVerify=true ' on Traefik service, in hope that it would ignore the certificate validity but that didn't worked. 我尝试在Traefik服务上设置标签' traefik.frontend.auth.forward.tls.insecureSkipVerify=true ',希望它会忽略证书的有效性,但是没有用。
Here is the relevant extract from compose file:- 这是撰写文件的相关摘录:
traefik:
image: traefik:1.7.8-alpine
command: --docker --logLevel=DEBUG
ports:
- 86:443
volumes:
- <traefikConfigFilePath>:/traefik.toml
- <traefikAcmeFilePath>:/acme.json
- /var/run/docker.sock:/var/run/docker.sock
labels:
- traefik.frontend.auth.forward.tls.insecureSkipVerify=true
networks:
- <dockerNetwork>
container_name: traefik
depends_on:
- portal
portal:
build: <github link>
expose:
- <portalPort>
labels:
- traefik.backend=portal
- traefik.enable=true
- traefik.docker.network=<dockerNetwork>
- traefik.port=<portalPort>
- traefik.protocol=https
- traefik.frontend.rule=PathPrefixStrip:/
networks:
- <dockerNetwork>
Here is the relevant toml file 这是相关的toml文件
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address=":80"
[entryPoints.http.redirect]
entryPoint="https"
[entryPoints.https]
address=":443"
[entryPoints.https.tls]
[acme]
email=<emailaddress>
storage="acme.json"
entryPoint="https"
onHostRule=true
onDemand=false
acmeLogging=true
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedByDefault = false
Any help would be greatly appreciated. 任何帮助将不胜感激。 Thanks, 谢谢,
1 个解决方案
解决方案1
0 2019-02-08 10:55:24
I got it working by adding insecureSkipVerify= true at the top level of toml, like this:- 我通过在toml的顶级添加insecureSkipVerify= true使其工作,如下所示:-
The toml file:-
...
insecureSkipVerify= true
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
....
And it was severe pain in finding that! 找到那个真是太痛苦了!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.