获取ssl证书的问题

Issues obtaining ssl certificate

背景

我正在尝试将 traefik 仪表板设置为可在 sub.domain.com 访问,并通过 Let's Encrypt SSL 证书自动保护它。使用下面的配置文件,我成功地设置了容器并使仪表板可以通过 https://sub.domain.com.

访问

我有多个A记录指向同一个IP,即VPS:

问题

加载仪表板页面后,我收到一个不受信任的证书错误。

日志和配置

traefik.toml

defaultEntryPoints = ["http", "https"]
debug = true

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

[acme]
email = "name@domain.com"
storage = "acme.json"
entryPoint = "https"
[acme.httpChallenge]
  entryPoint = "http"
OnHostRule = true

[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "domain.com"
watch = true
exposedbydefault = false

docker-compose.yml

version: '2'

services:
  traefik:
    image: traefik:1.5-alpine
    command: --web
    ports:
      - "80:80"
      - "443:443"
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.backend=sub"
      - "traefik.frontend.rule=Host:sub.domain.com"
      - "traefik.port=8080"
      - "traefik.frontend.auth.basic=user:htpasswd"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "./traefik.toml:/traefik.toml"
      - "./acme.json:/acme.json"
    container_name: traefik
    networks:
      - default

您必须像这样更改您的配置:

[acme]
email = "name@domain.com"
storage = "acme.json"
entryPoint = "https"
OnHostRule = true # <-----------  
[acme.httpChallenge]
  entryPoint = "http"