Traefik：無法獲取域的ACME證書

Question

我正在使用traefik使用let加密通過https提供我的NAS上的某些服務。 現在我注意到我的nextcloud安裝的tls證書昨天晚上過期了。 Traefik有這樣的日志：

time="2018-08-31T22:43:08Z" level=error msg="Error getting ACME client: ACME client still not built, retrying in 6.83135832s"
time="2018-08-31T22:43:15Z" level=error msg="Error getting ACME client: ACME client still not built, retrying in 12.680203952s"
time="2018-08-31T22:43:28Z" level=error msg="Error getting ACME client: ACME client still not built"

我更新到v1.7，但現在錯誤有所不同：

time="2018-09-01T07:42:44Z" level=error msg="Unable to obtain ACME certificate for domains \"my.domain\" detected thanks to rule \"Host:cloud.dnas.one\" : cannot get ACME client ACME challenge not specified, please select TLS or HTTP or DNS Challenge"

此消息將發布到內部和外部的每個域。 找不到有關此問題的太多信息。

Traefik配置：

defaultEntryPoints = ["http", "https"]
idleTimeout = 0
dialTimeout = 0
logLevel = "WARN"

[entryPoints]

[entryPoints.http]
address = ":80"

#entryPoint = "https"

[entryPoints.https]
address = ":443"
[entryPoints.https.tls]

# Lets Encrypt via ACME
[acme]
email = "my@email.de"
storage = "acme.json"
entryPoint = "https"
onDemand = false
OnHostRule = true
caServer = "https://acme-v02.api.letsencrypt.org/directory"

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "nas.one"
watch = true

Answer 1

您的traefik.toml文件未指定用於從Let's Encrypt獲取證書的質詢方法。 1.7錯誤消息對此更加清楚。

如果要使用HTTP質詢 ，請添加以下行：

[acme.httpChallenge]
  entryPoint = "http"

如果要使用DNS質詢 （如果要使用通配符證書，則為必填項），請添加以下行：

[acme.dnsChallenge]
  provider = "YOURPROVIDER"
  delayBeforeCheck = 0

檢查文檔以了解其余的配置。