example traefik to docker with http work but not with https
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
1
I'm trying to make a traefik's POC. With http works perfect but not with https.
Let's encrypt certificates generated by traefik isn't ok and I don't know why.
I hope you can help me, thanks so much in advance.
I hope too it will help the community to have a complete simple example that works
root@ubuntu:~/traefik# ls -lt | more
total 8
-rw------- 1 root root 0 Nov 23 06:08 acme.json
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
The traefik.toml configuration file..
root@ubuntu:~/traefik# cat traefik.toml
logLevel = "DEBUG"
[traefikLog]
filePath = "./traefik.log"
format = "json"
[accessLog]
filePath = "./access.log"
format = "json"
[web]
# Port for the status page
address = ":8080"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "xpoveda@gmail.com"
storage = "acme.json"
onHostRule = true
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
entryPoint = "https"
[[acme.domains]]
main = "escalamas.com"
sans = ["test.escalamas.com"]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
And docker-compose for create a traefik service...
root@ubuntu:~/traefik# cat docker-compose.yml
version: '2'
services:
traefik:
image: traefik
command: --docker
ports:
- "80:80"
- "443:443"
- "8080:8080"
restart: always
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "./traefik.toml:/traefik.toml"
- "./acme.json:/acme.json"
- "./traefik.log:/traefik.log"
- "./access.log:/access.log"
networks:
- default
On other hand I have an simply dockerized application "hello world" in python ,Dockerfile and Docker compose.
root@ubuntu:~/apps# more start.py
from flask import Flask, request
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello " + request.host
if __name__ == "__main__":
app.run(debug=False,host='0.0.0.0')
root@ubuntu:~/apps# more Dockerfile
FROM python:2.7
WORKDIR /app
COPY . /app
RUN pip install flask
ENTRYPOINT ["python"]
CMD ["start.py"]
root@ubuntu:~/apps# more docker-compose.yml
version: '2'
services:
test:
build: .
labels:
- "traefik.enabled=true"
- "traefik.backend=test"
- "traefik.frontend.rule=Host:test.escalamas.com"
- "traefik.port=5000"
networks:
- "traefik_default"
restart: always
networks:
traefik_default:
external:
name: traefik_default
When I run everything...
cat /dev/null > /root/traefik/acme.json
cd /root/traefik
docker-compose up -d
Creating traefik_traefik_1 ...
Creating traefik_traefik_1 ... done
cd /root/apps
docker-compose up -d
Creating apps_test_1 ...
Creating apps_test_1 ... done
And when I execute with http all ok
root@ubuntu:~/traefik# curl --resolve test.escalamas.com:80:127.0.0.1 http://test.escalamas.com/
Hello test.escalamas.com
But https error in certificate: common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com') and 404 error in page
root@ubuntu:~/traefik# curl -v --resolve test.escalamas.com:443:127.0.0.1 https://test.escalamas.com/ --insecure
* Added test.escalamas.com:443:127.0.0.1 to DNS cache
* Hostname test.escalamas.com was found in DNS cache
* Trying 127.0.0.1...
* Connected to test.escalamas.com (127.0.0.1) port 443 (#0)
* found 149 certificates in /etc/ssl/certs/ca-certificates.crt
* found 593 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com')
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: CN=TRAEFIK DEFAULT CERT
* start date: Fri, 23 Nov 2018 14:16:22 GMT
* expire date: Sat, 23 Nov 2019 14:16:22 GMT
* issuer: CN=TRAEFIK DEFAULT CERT
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: test.escalamas.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Fri, 23 Nov 2018 14:19:03 GMT
< Content-Length: 19
<
404 page not found
* Connection #0 to host test.escalamas.com left intact
The acme.json is not empty but the certificate is not valid
root@ubuntu:~/traefik# cat acme.json
{
"Account": {
"Email": "xpoveda@gmail.com",
"Registration": {
"body": {
"status": "valid",
"contact": [
"mailto:xpoveda@gmail.com"
]
},
"uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/7415315"
},
"PrivateKey": "MIIJKQIBAAKCAgEA9uZaB5VJtoFj++cu3Z90GSKMI4NiLGBFLkYUQKYpQe57XxagF+e84t/rIXqmnYGc4RlnVWaApcKBgBB7j52rrAgrjD17lZa7Kh2N153WBeDw/RaDb2inB3BnOC7PU5BfzCoOicbD8rMuIH2zug/xAdQDwbAIWZSB7ljHlgLPP7uEKjih2fjjXi6p1Ld1sCvhHY3myw4frlY4L01AYdCiBvyn+izpQszJsISjQtN/JKFy7CZqFjUtCg9TA2j6RmM/hs6YOwkEcFU2P66jU+e4MYaTT2mtiK0mVq0mV3S1sFmOygAPEQGNUp0IgN0CaDbOlvTJ0GjibcfGBkJfaN/TWaauuXI0Y3GVWy5yIQu37rzXabHOQCBQXn8wISzoUO2VeljilMzM+3lH6Zk+QSjrEn3EFw+5kjUemqjbN1qI/CdMVFcWUGUP6Dus51pYY1nuBIj+9Zft5+AGCDRl4nxbC6WIlZK2ydIM5/DnGMWCcicGrhjm5Zzv9YGiMTqzXArARJJlOMYiQuYsmCbdoEJW/nFoBuLXhDKfrWV0CKAmfsE62dWgzKcK72QglwzLQS/RiwbI0NapjtuWvtrFi0q9NhzrKdOddineoikzG3Uc+b+fFksv5+N7tRN21kEDshDXoYH+jJWfJ+3JNqPgGCU4RFKnQjghrpEF9fw3N24rtVMCAwEAAQKCAgBb0j1HNrEMS8CYbVjTmTp/IocFqhX3tPHljLB5fpI3b+635V0ypr9rjKUQdWHDj/F9EYqJiy5q9xRcQUUCmzu+Jee0JyVv83e16PnYZ12yH/7f0OCerUf5D0eD8Hywci/+aOGxQZecCiEsejM+DjGuYV/oR4RDdGSB9Mh9NJxI8n7riNZAjzxXyXjloDkHhLoa2Kwtdho4Jt6MUOmRtxqbCJmcA9nYOvsDR8DD2I4fXF+2DW9ExQ/z/tD7oq35QW3dv7WDtw3MjRQ4yMT7LmElIgxk60NbYjGw6IIq4j+zzwq4ex8fTvl08Ou5qPf9M+zO3Ui01lznQPWXXFXJVfxuTvhbZEyVwP1bqju3Qd2hT26qRq8M+KHNhaMNlUZAxRx5hmpif7utTO05uYeSoqaWgTs+Zn8FWHvucmo3pNNXHV6noSqt2dCoaRlHarR9Hq2yPFkmI+ovstERUIUNIadTGDoKIklmql7PvZ+bDIm1EkVS3BuUz6PxAo+baPbR7Y9nnGe5r2Gvxbv8SNOINep5YgKl3uqatyKU+hjOS2lqmJhGc6w0ja3YWW3uRGFGyNNszVibCLqHRWIALmGclhdpghrKFKjwNf3l6bpReruouTG8XFOXlnhyntQo4S6pNdKYlR0TH4LtSJpNhBweFbkJJTWG/5IRnE6V/O6DH9jDaQKCAQEA/qX1i21DDOUUdU+ySRNVyPBEgF9rzwyT/R0fmJUgSAPEQZAftMbcUBwfAAqktJwVzrNPGNKdfP/uUjsxHaPTZOyIOFg6UgpJlX5ugecNufhkiWTQia3GkEKon3ENBKCrksBBdfoC2YmA106Dj3A8+BEBGC6YkMYu5TcW0hTEa5aa07xHt0r8rYQ5PbbqKEqkYFv7W84Lf4y4wuCTi0uxx2yqlGVtfPuVuf3Yyt2H8FajL1wevZkofiQTb1AjzrPWeZNq5vC6QKhXl8a6uBDNpx0s7Chks5ssaUm99vRVgTiGfMRa2yR2lFKXLCFTFnSYDkQbCiqs7GLM2tX8VufMDwKCAQEA+DXc91ztA9iHbbdFhIxCWfGm2q6D6BNLjG9hqUqhF7UUhJ8ngPjodpC2RDG6s6xhwp11Faw7og9JUaZmOm1Q1ThDMFUgFDFn+IrKsDcwePOhV6inxSdbSls7A2VkaXL3E0kIpEdMAnHMPk/3MjgLkbAOxlD1Z5O88UzyuIGSi2mt/Xo2AFef4ngYyAZ8hxvPSk0H7exu8c7Rlqgqfo2/Wk0+eY4NZXaRLs0yK4pD1D+YwMvCGgOTP0IbOYcKMjqjjDtqhlb0MxePK3w0UaYIOmL+g5I+GvbiWcD0ZT9pHjfSNAYQMgH6owXw4B8gSseXkqQqxUwqki5Gg3dO9afOfQKCAQEA3L0r7qLWHpVteIuPNn1GPZrZJpaQs7hpiF34h6Gti/+H3nV6ppBDZkYaMUUIpW8wEC+q/w+DaVnJUwrwdosOsku/gWgplfhI9QfV71FEutKxA9CaXN6AY4kE9sFe0YYddGan2AbS9ZOWVg0/SdW3ZCoJUtcBdW32NMfeRlmuMr0olSZ+3EpqYldd7ztiG28oskbJyzj/CqAHgRZ/j54cC40NCPorQM4taj678I68SgAwENu/4gaj7USEfFdx0rpdzqGVZ3+BVI8Y7v5b2TbnrldCG6ygLnjytIox26LNg+hl3D2xrIkdKVG2rZBtn+eN77/l2JhJsderUH9x8DuazQKCAQEAtUTxCR4uYl6iGTh9Zp3gXzuiNZa58qUUyY0Wb8J2/49ZWrm46fHeI6jv08HVrh44jx7bQWa1bldnnl+9zPHE1NLwDr48XULvwY3rFOJZXhvfOtuLGurxOs6BvKsxt+kkFEuEKiV/l1FwbhmMWHqhyFYhlCfP8ULt+/PMV38ZfQNC9BlqkrlrpMM8pehGzY07x/GV1uaS57m5SyOpVR9EHjjHZZKeqfj7coidGTsy6jE/551nNgRiZxJqO4spoSE+C83gsBeU5DNSddmRhAeTfsCJS6FkBeFD0XSfh8nVhSITO7cp4LudRa2zCprwxGwbgBawvcIwXO26xYw+eB2DKQKCAQAvBGGo8Dk7U9pIEZ0MWWQ7OKpZyLXcL6AzHOaJef1JTdLwBXXWS0fgxAphBUE/fBeIaXhOC3IPL9xL/83eOHIkK/aCljSrj12c8f9oDchgzBZEFQFsB38RtvCU0kcvwHdE8o1/+VSae6Wz4pm9i46aVtnHktcTuctEBR4zuoMtnmzquEWsXeWkUB350QPT5cz+YD0anXefB2N0Uaz30M8x9WD7CL9S1COc2yzcDRqcMRcHoYyc0E0wg0dfX6bPFOI3CEs5HqTGLBuAS7x/qQpmf24+wNFld/xRbQ7pX8OUnx0e8DQklti7xZqCOW7/8dbWda88N58nNZAhcwYrjxBR",
"KeyType": "4096"
},
"Certificates": null,
"HTTPChallenges": null,
"TLSChallenges": null
In addition, the log files are created as folders, not as files and I don't know how view the traefik.log beacause the classic docker run -it ssh not work with this image.
root@ubuntu:~/traefik# ls -lt | more
total 20
-rw------- 1 root root 3534 Nov 23 06:16 acme.json
drwxr-xr-x 2 root root 4096 Nov 23 06:16 access.log
drwxr-xr-x 2 root root 4096 Nov 23 06:16 traefik.log
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
thanks so much!!
Xavier.
traefik
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
add a comment |
1
I'm trying to make a traefik's POC. With http works perfect but not with https.
Let's encrypt certificates generated by traefik isn't ok and I don't know why.
I hope you can help me, thanks so much in advance.
I hope too it will help the community to have a complete simple example that works
root@ubuntu:~/traefik# ls -lt | more
total 8
-rw------- 1 root root 0 Nov 23 06:08 acme.json
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
The traefik.toml configuration file..
root@ubuntu:~/traefik# cat traefik.toml
logLevel = "DEBUG"
[traefikLog]
filePath = "./traefik.log"
format = "json"
[accessLog]
filePath = "./access.log"
format = "json"
[web]
# Port for the status page
address = ":8080"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "xpoveda@gmail.com"
storage = "acme.json"
onHostRule = true
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
entryPoint = "https"
[[acme.domains]]
main = "escalamas.com"
sans = ["test.escalamas.com"]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
And docker-compose for create a traefik service...
root@ubuntu:~/traefik# cat docker-compose.yml
version: '2'
services:
traefik:
image: traefik
command: --docker
ports:
- "80:80"
- "443:443"
- "8080:8080"
restart: always
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "./traefik.toml:/traefik.toml"
- "./acme.json:/acme.json"
- "./traefik.log:/traefik.log"
- "./access.log:/access.log"
networks:
- default
On other hand I have an simply dockerized application "hello world" in python ,Dockerfile and Docker compose.
root@ubuntu:~/apps# more start.py
from flask import Flask, request
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello " + request.host
if __name__ == "__main__":
app.run(debug=False,host='0.0.0.0')
root@ubuntu:~/apps# more Dockerfile
FROM python:2.7
WORKDIR /app
COPY . /app
RUN pip install flask
ENTRYPOINT ["python"]
CMD ["start.py"]
root@ubuntu:~/apps# more docker-compose.yml
version: '2'
services:
test:
build: .
labels:
- "traefik.enabled=true"
- "traefik.backend=test"
- "traefik.frontend.rule=Host:test.escalamas.com"
- "traefik.port=5000"
networks:
- "traefik_default"
restart: always
networks:
traefik_default:
external:
name: traefik_default
When I run everything...
cat /dev/null > /root/traefik/acme.json
cd /root/traefik
docker-compose up -d
Creating traefik_traefik_1 ...
Creating traefik_traefik_1 ... done
cd /root/apps
docker-compose up -d
Creating apps_test_1 ...
Creating apps_test_1 ... done
And when I execute with http all ok
root@ubuntu:~/traefik# curl --resolve test.escalamas.com:80:127.0.0.1 http://test.escalamas.com/
Hello test.escalamas.com
But https error in certificate: common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com') and 404 error in page
root@ubuntu:~/traefik# curl -v --resolve test.escalamas.com:443:127.0.0.1 https://test.escalamas.com/ --insecure
* Added test.escalamas.com:443:127.0.0.1 to DNS cache
* Hostname test.escalamas.com was found in DNS cache
* Trying 127.0.0.1...
* Connected to test.escalamas.com (127.0.0.1) port 443 (#0)
* found 149 certificates in /etc/ssl/certs/ca-certificates.crt
* found 593 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com')
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: CN=TRAEFIK DEFAULT CERT
* start date: Fri, 23 Nov 2018 14:16:22 GMT
* expire date: Sat, 23 Nov 2019 14:16:22 GMT
* issuer: CN=TRAEFIK DEFAULT CERT
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: test.escalamas.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Fri, 23 Nov 2018 14:19:03 GMT
< Content-Length: 19
<
404 page not found
* Connection #0 to host test.escalamas.com left intact
The acme.json is not empty but the certificate is not valid
root@ubuntu:~/traefik# cat acme.json
{
"Account": {
"Email": "xpoveda@gmail.com",
"Registration": {
"body": {
"status": "valid",
"contact": [
"mailto:xpoveda@gmail.com"
]
},
"uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/7415315"
},
"PrivateKey": "MIIJKQIBAAKCAgEA9uZaB5VJtoFj++cu3Z90GSKMI4NiLGBFLkYUQKYpQe57XxagF+e84t/rIXqmnYGc4RlnVWaApcKBgBB7j52rrAgrjD17lZa7Kh2N153WBeDw/RaDb2inB3BnOC7PU5BfzCoOicbD8rMuIH2zug/xAdQDwbAIWZSB7ljHlgLPP7uEKjih2fjjXi6p1Ld1sCvhHY3myw4frlY4L01AYdCiBvyn+izpQszJsISjQtN/JKFy7CZqFjUtCg9TA2j6RmM/hs6YOwkEcFU2P66jU+e4MYaTT2mtiK0mVq0mV3S1sFmOygAPEQGNUp0IgN0CaDbOlvTJ0GjibcfGBkJfaN/TWaauuXI0Y3GVWy5yIQu37rzXabHOQCBQXn8wISzoUO2VeljilMzM+3lH6Zk+QSjrEn3EFw+5kjUemqjbN1qI/CdMVFcWUGUP6Dus51pYY1nuBIj+9Zft5+AGCDRl4nxbC6WIlZK2ydIM5/DnGMWCcicGrhjm5Zzv9YGiMTqzXArARJJlOMYiQuYsmCbdoEJW/nFoBuLXhDKfrWV0CKAmfsE62dWgzKcK72QglwzLQS/RiwbI0NapjtuWvtrFi0q9NhzrKdOddineoikzG3Uc+b+fFksv5+N7tRN21kEDshDXoYH+jJWfJ+3JNqPgGCU4RFKnQjghrpEF9fw3N24rtVMCAwEAAQKCAgBb0j1HNrEMS8CYbVjTmTp/IocFqhX3tPHljLB5fpI3b+635V0ypr9rjKUQdWHDj/F9EYqJiy5q9xRcQUUCmzu+Jee0JyVv83e16PnYZ12yH/7f0OCerUf5D0eD8Hywci/+aOGxQZecCiEsejM+DjGuYV/oR4RDdGSB9Mh9NJxI8n7riNZAjzxXyXjloDkHhLoa2Kwtdho4Jt6MUOmRtxqbCJmcA9nYOvsDR8DD2I4fXF+2DW9ExQ/z/tD7oq35QW3dv7WDtw3MjRQ4yMT7LmElIgxk60NbYjGw6IIq4j+zzwq4ex8fTvl08Ou5qPf9M+zO3Ui01lznQPWXXFXJVfxuTvhbZEyVwP1bqju3Qd2hT26qRq8M+KHNhaMNlUZAxRx5hmpif7utTO05uYeSoqaWgTs+Zn8FWHvucmo3pNNXHV6noSqt2dCoaRlHarR9Hq2yPFkmI+ovstERUIUNIadTGDoKIklmql7PvZ+bDIm1EkVS3BuUz6PxAo+baPbR7Y9nnGe5r2Gvxbv8SNOINep5YgKl3uqatyKU+hjOS2lqmJhGc6w0ja3YWW3uRGFGyNNszVibCLqHRWIALmGclhdpghrKFKjwNf3l6bpReruouTG8XFOXlnhyntQo4S6pNdKYlR0TH4LtSJpNhBweFbkJJTWG/5IRnE6V/O6DH9jDaQKCAQEA/qX1i21DDOUUdU+ySRNVyPBEgF9rzwyT/R0fmJUgSAPEQZAftMbcUBwfAAqktJwVzrNPGNKdfP/uUjsxHaPTZOyIOFg6UgpJlX5ugecNufhkiWTQia3GkEKon3ENBKCrksBBdfoC2YmA106Dj3A8+BEBGC6YkMYu5TcW0hTEa5aa07xHt0r8rYQ5PbbqKEqkYFv7W84Lf4y4wuCTi0uxx2yqlGVtfPuVuf3Yyt2H8FajL1wevZkofiQTb1AjzrPWeZNq5vC6QKhXl8a6uBDNpx0s7Chks5ssaUm99vRVgTiGfMRa2yR2lFKXLCFTFnSYDkQbCiqs7GLM2tX8VufMDwKCAQEA+DXc91ztA9iHbbdFhIxCWfGm2q6D6BNLjG9hqUqhF7UUhJ8ngPjodpC2RDG6s6xhwp11Faw7og9JUaZmOm1Q1ThDMFUgFDFn+IrKsDcwePOhV6inxSdbSls7A2VkaXL3E0kIpEdMAnHMPk/3MjgLkbAOxlD1Z5O88UzyuIGSi2mt/Xo2AFef4ngYyAZ8hxvPSk0H7exu8c7Rlqgqfo2/Wk0+eY4NZXaRLs0yK4pD1D+YwMvCGgOTP0IbOYcKMjqjjDtqhlb0MxePK3w0UaYIOmL+g5I+GvbiWcD0ZT9pHjfSNAYQMgH6owXw4B8gSseXkqQqxUwqki5Gg3dO9afOfQKCAQEA3L0r7qLWHpVteIuPNn1GPZrZJpaQs7hpiF34h6Gti/+H3nV6ppBDZkYaMUUIpW8wEC+q/w+DaVnJUwrwdosOsku/gWgplfhI9QfV71FEutKxA9CaXN6AY4kE9sFe0YYddGan2AbS9ZOWVg0/SdW3ZCoJUtcBdW32NMfeRlmuMr0olSZ+3EpqYldd7ztiG28oskbJyzj/CqAHgRZ/j54cC40NCPorQM4taj678I68SgAwENu/4gaj7USEfFdx0rpdzqGVZ3+BVI8Y7v5b2TbnrldCG6ygLnjytIox26LNg+hl3D2xrIkdKVG2rZBtn+eN77/l2JhJsderUH9x8DuazQKCAQEAtUTxCR4uYl6iGTh9Zp3gXzuiNZa58qUUyY0Wb8J2/49ZWrm46fHeI6jv08HVrh44jx7bQWa1bldnnl+9zPHE1NLwDr48XULvwY3rFOJZXhvfOtuLGurxOs6BvKsxt+kkFEuEKiV/l1FwbhmMWHqhyFYhlCfP8ULt+/PMV38ZfQNC9BlqkrlrpMM8pehGzY07x/GV1uaS57m5SyOpVR9EHjjHZZKeqfj7coidGTsy6jE/551nNgRiZxJqO4spoSE+C83gsBeU5DNSddmRhAeTfsCJS6FkBeFD0XSfh8nVhSITO7cp4LudRa2zCprwxGwbgBawvcIwXO26xYw+eB2DKQKCAQAvBGGo8Dk7U9pIEZ0MWWQ7OKpZyLXcL6AzHOaJef1JTdLwBXXWS0fgxAphBUE/fBeIaXhOC3IPL9xL/83eOHIkK/aCljSrj12c8f9oDchgzBZEFQFsB38RtvCU0kcvwHdE8o1/+VSae6Wz4pm9i46aVtnHktcTuctEBR4zuoMtnmzquEWsXeWkUB350QPT5cz+YD0anXefB2N0Uaz30M8x9WD7CL9S1COc2yzcDRqcMRcHoYyc0E0wg0dfX6bPFOI3CEs5HqTGLBuAS7x/qQpmf24+wNFld/xRbQ7pX8OUnx0e8DQklti7xZqCOW7/8dbWda88N58nNZAhcwYrjxBR",
"KeyType": "4096"
},
"Certificates": null,
"HTTPChallenges": null,
"TLSChallenges": null
In addition, the log files are created as folders, not as files and I don't know how view the traefik.log beacause the classic docker run -it ssh not work with this image.
root@ubuntu:~/traefik# ls -lt | more
total 20
-rw------- 1 root root 3534 Nov 23 06:16 acme.json
drwxr-xr-x 2 root root 4096 Nov 23 06:16 access.log
drwxr-xr-x 2 root root 4096 Nov 23 06:16 traefik.log
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
thanks so much!!
Xavier.
traefik
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
add a comment |
1
1
1
I'm trying to make a traefik's POC. With http works perfect but not with https.
Let's encrypt certificates generated by traefik isn't ok and I don't know why.
I hope you can help me, thanks so much in advance.
I hope too it will help the community to have a complete simple example that works
root@ubuntu:~/traefik# ls -lt | more
total 8
-rw------- 1 root root 0 Nov 23 06:08 acme.json
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
The traefik.toml configuration file..
root@ubuntu:~/traefik# cat traefik.toml
logLevel = "DEBUG"
[traefikLog]
filePath = "./traefik.log"
format = "json"
[accessLog]
filePath = "./access.log"
format = "json"
[web]
# Port for the status page
address = ":8080"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "xpoveda@gmail.com"
storage = "acme.json"
onHostRule = true
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
entryPoint = "https"
[[acme.domains]]
main = "escalamas.com"
sans = ["test.escalamas.com"]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
And docker-compose for create a traefik service...
root@ubuntu:~/traefik# cat docker-compose.yml
version: '2'
services:
traefik:
image: traefik
command: --docker
ports:
- "80:80"
- "443:443"
- "8080:8080"
restart: always
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "./traefik.toml:/traefik.toml"
- "./acme.json:/acme.json"
- "./traefik.log:/traefik.log"
- "./access.log:/access.log"
networks:
- default
On other hand I have an simply dockerized application "hello world" in python ,Dockerfile and Docker compose.
root@ubuntu:~/apps# more start.py
from flask import Flask, request
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello " + request.host
if __name__ == "__main__":
app.run(debug=False,host='0.0.0.0')
root@ubuntu:~/apps# more Dockerfile
FROM python:2.7
WORKDIR /app
COPY . /app
RUN pip install flask
ENTRYPOINT ["python"]
CMD ["start.py"]
root@ubuntu:~/apps# more docker-compose.yml
version: '2'
services:
test:
build: .
labels:
- "traefik.enabled=true"
- "traefik.backend=test"
- "traefik.frontend.rule=Host:test.escalamas.com"
- "traefik.port=5000"
networks:
- "traefik_default"
restart: always
networks:
traefik_default:
external:
name: traefik_default
When I run everything...
cat /dev/null > /root/traefik/acme.json
cd /root/traefik
docker-compose up -d
Creating traefik_traefik_1 ...
Creating traefik_traefik_1 ... done
cd /root/apps
docker-compose up -d
Creating apps_test_1 ...
Creating apps_test_1 ... done
And when I execute with http all ok
root@ubuntu:~/traefik# curl --resolve test.escalamas.com:80:127.0.0.1 http://test.escalamas.com/
Hello test.escalamas.com
But https error in certificate: common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com') and 404 error in page
root@ubuntu:~/traefik# curl -v --resolve test.escalamas.com:443:127.0.0.1 https://test.escalamas.com/ --insecure
* Added test.escalamas.com:443:127.0.0.1 to DNS cache
* Hostname test.escalamas.com was found in DNS cache
* Trying 127.0.0.1...
* Connected to test.escalamas.com (127.0.0.1) port 443 (#0)
* found 149 certificates in /etc/ssl/certs/ca-certificates.crt
* found 593 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com')
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: CN=TRAEFIK DEFAULT CERT
* start date: Fri, 23 Nov 2018 14:16:22 GMT
* expire date: Sat, 23 Nov 2019 14:16:22 GMT
* issuer: CN=TRAEFIK DEFAULT CERT
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: test.escalamas.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Fri, 23 Nov 2018 14:19:03 GMT
< Content-Length: 19
<
404 page not found
* Connection #0 to host test.escalamas.com left intact
The acme.json is not empty but the certificate is not valid
root@ubuntu:~/traefik# cat acme.json
{
"Account": {
"Email": "xpoveda@gmail.com",
"Registration": {
"body": {
"status": "valid",
"contact": [
"mailto:xpoveda@gmail.com"
]
},
"uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/7415315"
},
"PrivateKey": "MIIJKQIBAAKCAgEA9uZaB5VJtoFj++cu3Z90GSKMI4NiLGBFLkYUQKYpQe57XxagF+e84t/rIXqmnYGc4RlnVWaApcKBgBB7j52rrAgrjD17lZa7Kh2N153WBeDw/RaDb2inB3BnOC7PU5BfzCoOicbD8rMuIH2zug/xAdQDwbAIWZSB7ljHlgLPP7uEKjih2fjjXi6p1Ld1sCvhHY3myw4frlY4L01AYdCiBvyn+izpQszJsISjQtN/JKFy7CZqFjUtCg9TA2j6RmM/hs6YOwkEcFU2P66jU+e4MYaTT2mtiK0mVq0mV3S1sFmOygAPEQGNUp0IgN0CaDbOlvTJ0GjibcfGBkJfaN/TWaauuXI0Y3GVWy5yIQu37rzXabHOQCBQXn8wISzoUO2VeljilMzM+3lH6Zk+QSjrEn3EFw+5kjUemqjbN1qI/CdMVFcWUGUP6Dus51pYY1nuBIj+9Zft5+AGCDRl4nxbC6WIlZK2ydIM5/DnGMWCcicGrhjm5Zzv9YGiMTqzXArARJJlOMYiQuYsmCbdoEJW/nFoBuLXhDKfrWV0CKAmfsE62dWgzKcK72QglwzLQS/RiwbI0NapjtuWvtrFi0q9NhzrKdOddineoikzG3Uc+b+fFksv5+N7tRN21kEDshDXoYH+jJWfJ+3JNqPgGCU4RFKnQjghrpEF9fw3N24rtVMCAwEAAQKCAgBb0j1HNrEMS8CYbVjTmTp/IocFqhX3tPHljLB5fpI3b+635V0ypr9rjKUQdWHDj/F9EYqJiy5q9xRcQUUCmzu+Jee0JyVv83e16PnYZ12yH/7f0OCerUf5D0eD8Hywci/+aOGxQZecCiEsejM+DjGuYV/oR4RDdGSB9Mh9NJxI8n7riNZAjzxXyXjloDkHhLoa2Kwtdho4Jt6MUOmRtxqbCJmcA9nYOvsDR8DD2I4fXF+2DW9ExQ/z/tD7oq35QW3dv7WDtw3MjRQ4yMT7LmElIgxk60NbYjGw6IIq4j+zzwq4ex8fTvl08Ou5qPf9M+zO3Ui01lznQPWXXFXJVfxuTvhbZEyVwP1bqju3Qd2hT26qRq8M+KHNhaMNlUZAxRx5hmpif7utTO05uYeSoqaWgTs+Zn8FWHvucmo3pNNXHV6noSqt2dCoaRlHarR9Hq2yPFkmI+ovstERUIUNIadTGDoKIklmql7PvZ+bDIm1EkVS3BuUz6PxAo+baPbR7Y9nnGe5r2Gvxbv8SNOINep5YgKl3uqatyKU+hjOS2lqmJhGc6w0ja3YWW3uRGFGyNNszVibCLqHRWIALmGclhdpghrKFKjwNf3l6bpReruouTG8XFOXlnhyntQo4S6pNdKYlR0TH4LtSJpNhBweFbkJJTWG/5IRnE6V/O6DH9jDaQKCAQEA/qX1i21DDOUUdU+ySRNVyPBEgF9rzwyT/R0fmJUgSAPEQZAftMbcUBwfAAqktJwVzrNPGNKdfP/uUjsxHaPTZOyIOFg6UgpJlX5ugecNufhkiWTQia3GkEKon3ENBKCrksBBdfoC2YmA106Dj3A8+BEBGC6YkMYu5TcW0hTEa5aa07xHt0r8rYQ5PbbqKEqkYFv7W84Lf4y4wuCTi0uxx2yqlGVtfPuVuf3Yyt2H8FajL1wevZkofiQTb1AjzrPWeZNq5vC6QKhXl8a6uBDNpx0s7Chks5ssaUm99vRVgTiGfMRa2yR2lFKXLCFTFnSYDkQbCiqs7GLM2tX8VufMDwKCAQEA+DXc91ztA9iHbbdFhIxCWfGm2q6D6BNLjG9hqUqhF7UUhJ8ngPjodpC2RDG6s6xhwp11Faw7og9JUaZmOm1Q1ThDMFUgFDFn+IrKsDcwePOhV6inxSdbSls7A2VkaXL3E0kIpEdMAnHMPk/3MjgLkbAOxlD1Z5O88UzyuIGSi2mt/Xo2AFef4ngYyAZ8hxvPSk0H7exu8c7Rlqgqfo2/Wk0+eY4NZXaRLs0yK4pD1D+YwMvCGgOTP0IbOYcKMjqjjDtqhlb0MxePK3w0UaYIOmL+g5I+GvbiWcD0ZT9pHjfSNAYQMgH6owXw4B8gSseXkqQqxUwqki5Gg3dO9afOfQKCAQEA3L0r7qLWHpVteIuPNn1GPZrZJpaQs7hpiF34h6Gti/+H3nV6ppBDZkYaMUUIpW8wEC+q/w+DaVnJUwrwdosOsku/gWgplfhI9QfV71FEutKxA9CaXN6AY4kE9sFe0YYddGan2AbS9ZOWVg0/SdW3ZCoJUtcBdW32NMfeRlmuMr0olSZ+3EpqYldd7ztiG28oskbJyzj/CqAHgRZ/j54cC40NCPorQM4taj678I68SgAwENu/4gaj7USEfFdx0rpdzqGVZ3+BVI8Y7v5b2TbnrldCG6ygLnjytIox26LNg+hl3D2xrIkdKVG2rZBtn+eN77/l2JhJsderUH9x8DuazQKCAQEAtUTxCR4uYl6iGTh9Zp3gXzuiNZa58qUUyY0Wb8J2/49ZWrm46fHeI6jv08HVrh44jx7bQWa1bldnnl+9zPHE1NLwDr48XULvwY3rFOJZXhvfOtuLGurxOs6BvKsxt+kkFEuEKiV/l1FwbhmMWHqhyFYhlCfP8ULt+/PMV38ZfQNC9BlqkrlrpMM8pehGzY07x/GV1uaS57m5SyOpVR9EHjjHZZKeqfj7coidGTsy6jE/551nNgRiZxJqO4spoSE+C83gsBeU5DNSddmRhAeTfsCJS6FkBeFD0XSfh8nVhSITO7cp4LudRa2zCprwxGwbgBawvcIwXO26xYw+eB2DKQKCAQAvBGGo8Dk7U9pIEZ0MWWQ7OKpZyLXcL6AzHOaJef1JTdLwBXXWS0fgxAphBUE/fBeIaXhOC3IPL9xL/83eOHIkK/aCljSrj12c8f9oDchgzBZEFQFsB38RtvCU0kcvwHdE8o1/+VSae6Wz4pm9i46aVtnHktcTuctEBR4zuoMtnmzquEWsXeWkUB350QPT5cz+YD0anXefB2N0Uaz30M8x9WD7CL9S1COc2yzcDRqcMRcHoYyc0E0wg0dfX6bPFOI3CEs5HqTGLBuAS7x/qQpmf24+wNFld/xRbQ7pX8OUnx0e8DQklti7xZqCOW7/8dbWda88N58nNZAhcwYrjxBR",
"KeyType": "4096"
},
"Certificates": null,
"HTTPChallenges": null,
"TLSChallenges": null
In addition, the log files are created as folders, not as files and I don't know how view the traefik.log beacause the classic docker run -it ssh not work with this image.
root@ubuntu:~/traefik# ls -lt | more
total 20
-rw------- 1 root root 3534 Nov 23 06:16 acme.json
drwxr-xr-x 2 root root 4096 Nov 23 06:16 access.log
drwxr-xr-x 2 root root 4096 Nov 23 06:16 traefik.log
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
thanks so much!!
Xavier.
traefik
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
I'm trying to make a traefik's POC. With http works perfect but not with https.
Let's encrypt certificates generated by traefik isn't ok and I don't know why.
I hope you can help me, thanks so much in advance.
I hope too it will help the community to have a complete simple example that works
root@ubuntu:~/traefik# ls -lt | more
total 8
-rw------- 1 root root 0 Nov 23 06:08 acme.json
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
The traefik.toml configuration file..
root@ubuntu:~/traefik# cat traefik.toml
logLevel = "DEBUG"
[traefikLog]
filePath = "./traefik.log"
format = "json"
[accessLog]
filePath = "./access.log"
format = "json"
[web]
# Port for the status page
address = ":8080"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "xpoveda@gmail.com"
storage = "acme.json"
onHostRule = true
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
entryPoint = "https"
[[acme.domains]]
main = "escalamas.com"
sans = ["test.escalamas.com"]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false
And docker-compose for create a traefik service...
root@ubuntu:~/traefik# cat docker-compose.yml
version: '2'
services:
traefik:
image: traefik
command: --docker
ports:
- "80:80"
- "443:443"
- "8080:8080"
restart: always
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "./traefik.toml:/traefik.toml"
- "./acme.json:/acme.json"
- "./traefik.log:/traefik.log"
- "./access.log:/access.log"
networks:
- default
On other hand I have an simply dockerized application "hello world" in python ,Dockerfile and Docker compose.
root@ubuntu:~/apps# more start.py
from flask import Flask, request
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello " + request.host
if __name__ == "__main__":
app.run(debug=False,host='0.0.0.0')
root@ubuntu:~/apps# more Dockerfile
FROM python:2.7
WORKDIR /app
COPY . /app
RUN pip install flask
ENTRYPOINT ["python"]
CMD ["start.py"]
root@ubuntu:~/apps# more docker-compose.yml
version: '2'
services:
test:
build: .
labels:
- "traefik.enabled=true"
- "traefik.backend=test"
- "traefik.frontend.rule=Host:test.escalamas.com"
- "traefik.port=5000"
networks:
- "traefik_default"
restart: always
networks:
traefik_default:
external:
name: traefik_default
When I run everything...
cat /dev/null > /root/traefik/acme.json
cd /root/traefik
docker-compose up -d
Creating traefik_traefik_1 ...
Creating traefik_traefik_1 ... done
cd /root/apps
docker-compose up -d
Creating apps_test_1 ...
Creating apps_test_1 ... done
And when I execute with http all ok
root@ubuntu:~/traefik# curl --resolve test.escalamas.com:80:127.0.0.1 http://test.escalamas.com/
Hello test.escalamas.com
But https error in certificate: common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com') and 404 error in page
root@ubuntu:~/traefik# curl -v --resolve test.escalamas.com:443:127.0.0.1 https://test.escalamas.com/ --insecure
* Added test.escalamas.com:443:127.0.0.1 to DNS cache
* Hostname test.escalamas.com was found in DNS cache
* Trying 127.0.0.1...
* Connected to test.escalamas.com (127.0.0.1) port 443 (#0)
* found 149 certificates in /etc/ssl/certs/ca-certificates.crt
* found 593 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification SKIPPED
* server certificate status verification SKIPPED
* common name: TRAEFIK DEFAULT CERT (does not match 'test.escalamas.com')
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: CN=TRAEFIK DEFAULT CERT
* start date: Fri, 23 Nov 2018 14:16:22 GMT
* expire date: Sat, 23 Nov 2019 14:16:22 GMT
* issuer: CN=TRAEFIK DEFAULT CERT
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: test.escalamas.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Fri, 23 Nov 2018 14:19:03 GMT
< Content-Length: 19
<
404 page not found
* Connection #0 to host test.escalamas.com left intact
The acme.json is not empty but the certificate is not valid
root@ubuntu:~/traefik# cat acme.json
{
"Account": {
"Email": "xpoveda@gmail.com",
"Registration": {
"body": {
"status": "valid",
"contact": [
"mailto:xpoveda@gmail.com"
]
},
"uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/7415315"
},
"PrivateKey": "MIIJKQIBAAKCAgEA9uZaB5VJtoFj++cu3Z90GSKMI4NiLGBFLkYUQKYpQe57XxagF+e84t/rIXqmnYGc4RlnVWaApcKBgBB7j52rrAgrjD17lZa7Kh2N153WBeDw/RaDb2inB3BnOC7PU5BfzCoOicbD8rMuIH2zug/xAdQDwbAIWZSB7ljHlgLPP7uEKjih2fjjXi6p1Ld1sCvhHY3myw4frlY4L01AYdCiBvyn+izpQszJsISjQtN/JKFy7CZqFjUtCg9TA2j6RmM/hs6YOwkEcFU2P66jU+e4MYaTT2mtiK0mVq0mV3S1sFmOygAPEQGNUp0IgN0CaDbOlvTJ0GjibcfGBkJfaN/TWaauuXI0Y3GVWy5yIQu37rzXabHOQCBQXn8wISzoUO2VeljilMzM+3lH6Zk+QSjrEn3EFw+5kjUemqjbN1qI/CdMVFcWUGUP6Dus51pYY1nuBIj+9Zft5+AGCDRl4nxbC6WIlZK2ydIM5/DnGMWCcicGrhjm5Zzv9YGiMTqzXArARJJlOMYiQuYsmCbdoEJW/nFoBuLXhDKfrWV0CKAmfsE62dWgzKcK72QglwzLQS/RiwbI0NapjtuWvtrFi0q9NhzrKdOddineoikzG3Uc+b+fFksv5+N7tRN21kEDshDXoYH+jJWfJ+3JNqPgGCU4RFKnQjghrpEF9fw3N24rtVMCAwEAAQKCAgBb0j1HNrEMS8CYbVjTmTp/IocFqhX3tPHljLB5fpI3b+635V0ypr9rjKUQdWHDj/F9EYqJiy5q9xRcQUUCmzu+Jee0JyVv83e16PnYZ12yH/7f0OCerUf5D0eD8Hywci/+aOGxQZecCiEsejM+DjGuYV/oR4RDdGSB9Mh9NJxI8n7riNZAjzxXyXjloDkHhLoa2Kwtdho4Jt6MUOmRtxqbCJmcA9nYOvsDR8DD2I4fXF+2DW9ExQ/z/tD7oq35QW3dv7WDtw3MjRQ4yMT7LmElIgxk60NbYjGw6IIq4j+zzwq4ex8fTvl08Ou5qPf9M+zO3Ui01lznQPWXXFXJVfxuTvhbZEyVwP1bqju3Qd2hT26qRq8M+KHNhaMNlUZAxRx5hmpif7utTO05uYeSoqaWgTs+Zn8FWHvucmo3pNNXHV6noSqt2dCoaRlHarR9Hq2yPFkmI+ovstERUIUNIadTGDoKIklmql7PvZ+bDIm1EkVS3BuUz6PxAo+baPbR7Y9nnGe5r2Gvxbv8SNOINep5YgKl3uqatyKU+hjOS2lqmJhGc6w0ja3YWW3uRGFGyNNszVibCLqHRWIALmGclhdpghrKFKjwNf3l6bpReruouTG8XFOXlnhyntQo4S6pNdKYlR0TH4LtSJpNhBweFbkJJTWG/5IRnE6V/O6DH9jDaQKCAQEA/qX1i21DDOUUdU+ySRNVyPBEgF9rzwyT/R0fmJUgSAPEQZAftMbcUBwfAAqktJwVzrNPGNKdfP/uUjsxHaPTZOyIOFg6UgpJlX5ugecNufhkiWTQia3GkEKon3ENBKCrksBBdfoC2YmA106Dj3A8+BEBGC6YkMYu5TcW0hTEa5aa07xHt0r8rYQ5PbbqKEqkYFv7W84Lf4y4wuCTi0uxx2yqlGVtfPuVuf3Yyt2H8FajL1wevZkofiQTb1AjzrPWeZNq5vC6QKhXl8a6uBDNpx0s7Chks5ssaUm99vRVgTiGfMRa2yR2lFKXLCFTFnSYDkQbCiqs7GLM2tX8VufMDwKCAQEA+DXc91ztA9iHbbdFhIxCWfGm2q6D6BNLjG9hqUqhF7UUhJ8ngPjodpC2RDG6s6xhwp11Faw7og9JUaZmOm1Q1ThDMFUgFDFn+IrKsDcwePOhV6inxSdbSls7A2VkaXL3E0kIpEdMAnHMPk/3MjgLkbAOxlD1Z5O88UzyuIGSi2mt/Xo2AFef4ngYyAZ8hxvPSk0H7exu8c7Rlqgqfo2/Wk0+eY4NZXaRLs0yK4pD1D+YwMvCGgOTP0IbOYcKMjqjjDtqhlb0MxePK3w0UaYIOmL+g5I+GvbiWcD0ZT9pHjfSNAYQMgH6owXw4B8gSseXkqQqxUwqki5Gg3dO9afOfQKCAQEA3L0r7qLWHpVteIuPNn1GPZrZJpaQs7hpiF34h6Gti/+H3nV6ppBDZkYaMUUIpW8wEC+q/w+DaVnJUwrwdosOsku/gWgplfhI9QfV71FEutKxA9CaXN6AY4kE9sFe0YYddGan2AbS9ZOWVg0/SdW3ZCoJUtcBdW32NMfeRlmuMr0olSZ+3EpqYldd7ztiG28oskbJyzj/CqAHgRZ/j54cC40NCPorQM4taj678I68SgAwENu/4gaj7USEfFdx0rpdzqGVZ3+BVI8Y7v5b2TbnrldCG6ygLnjytIox26LNg+hl3D2xrIkdKVG2rZBtn+eN77/l2JhJsderUH9x8DuazQKCAQEAtUTxCR4uYl6iGTh9Zp3gXzuiNZa58qUUyY0Wb8J2/49ZWrm46fHeI6jv08HVrh44jx7bQWa1bldnnl+9zPHE1NLwDr48XULvwY3rFOJZXhvfOtuLGurxOs6BvKsxt+kkFEuEKiV/l1FwbhmMWHqhyFYhlCfP8ULt+/PMV38ZfQNC9BlqkrlrpMM8pehGzY07x/GV1uaS57m5SyOpVR9EHjjHZZKeqfj7coidGTsy6jE/551nNgRiZxJqO4spoSE+C83gsBeU5DNSddmRhAeTfsCJS6FkBeFD0XSfh8nVhSITO7cp4LudRa2zCprwxGwbgBawvcIwXO26xYw+eB2DKQKCAQAvBGGo8Dk7U9pIEZ0MWWQ7OKpZyLXcL6AzHOaJef1JTdLwBXXWS0fgxAphBUE/fBeIaXhOC3IPL9xL/83eOHIkK/aCljSrj12c8f9oDchgzBZEFQFsB38RtvCU0kcvwHdE8o1/+VSae6Wz4pm9i46aVtnHktcTuctEBR4zuoMtnmzquEWsXeWkUB350QPT5cz+YD0anXefB2N0Uaz30M8x9WD7CL9S1COc2yzcDRqcMRcHoYyc0E0wg0dfX6bPFOI3CEs5HqTGLBuAS7x/qQpmf24+wNFld/xRbQ7pX8OUnx0e8DQklti7xZqCOW7/8dbWda88N58nNZAhcwYrjxBR",
"KeyType": "4096"
},
"Certificates": null,
"HTTPChallenges": null,
"TLSChallenges": null
In addition, the log files are created as folders, not as files and I don't know how view the traefik.log beacause the classic docker run -it ssh not work with this image.
root@ubuntu:~/traefik# ls -lt | more
total 20
-rw------- 1 root root 3534 Nov 23 06:16 acme.json
drwxr-xr-x 2 root root 4096 Nov 23 06:16 access.log
drwxr-xr-x 2 root root 4096 Nov 23 06:16 traefik.log
-rw-r--r-- 1 root root 698 Nov 23 05:57 traefik.toml
-rw-r--r-- 1 root root 399 Nov 23 05:56 docker-compose.yml
thanks so much!!
Xavier.
traefik
traefik
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
asked Nov 23 '18 at 14:41
Xavier Poveda NavarroXavier Poveda Navarro
113
113
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53448713%2fexample-traefik-to-docker-with-http-work-but-not-with-https%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
draft saved
draft discarded
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53448713%2fexample-traefik-to-docker-with-http-work-but-not-with-https%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
