"jrcs/letsencrypt-nginx-proxy-companion" docker 图片:已经为确切的域集颁发了太多证书
"jrcs/letsencrypt-nginx-proxy-companion" docker image: too many certificates already issued for exact set of domains
我正在使用“jwilder/nginx-proxy”和“jrcs/letsencrypt-nginx-proxy-companion”图像自动创建 ssl 证书,当服务器更新并且我 运行“docker -compose down”和“docker-compose up -d”出现以下错误:
letsencrypt_1 | [Mon Feb 8 11:48:47 UTC 2021] Please check log file for more details: /dev/null
letsencrypt_1 | Creating/renewal example.com certificates... (example.com www.example.com)
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Creating domain key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] The domain key is here: /etc/acme.sh/email@gmail.com/example.com/example.com.key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Multi domain='DNS:example.com,DNS:www.example.com'
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Getting domain auth token for each domain
letsencrypt_1 | [Mon Feb 8 11:48:49 UTC 2021] Create new order error. Le_OrderFinalize not found. {
letsencrypt_1 | "type": "urn:ietf:params:acme:error:rateLimited",
letsencrypt_1 | "detail": "Error creating new order :: too many certificates already issued for exact set of domains: example.com,www.example.com: see https://letsencrypt.org/docs/rate-limits/",
letsencrypt_1 | "status": 429
我知道 letsencrypt 允许在一周内创建有限数量的证书。
每次我必须执行“docker-compose down”和“docker-compose up -d”时,我都会使用其中一个实例来生成证书。现在我已经达到了限制,无法使用该网站。
避免生成不需要的证书的方法是什么?
有没有办法重置本周的计数器以继续使用该网站?
我的docker-compose.yml
version: "3"
services:
db:
image: postgres:12
restart: unless-stopped
env_file: ./.env
volumes:
- postgres_data:/var/lib/postgresql/data
web:
build:
context: .
restart: unless-stopped
env_file: ./.env
command: python manage.py runserver 0.0.0.0:80
volumes:
- static:/code/static/
- .:/code
#ports:
# - "8000:8000"
depends_on:
- db
nginx-proxy:
image: jwilder/nginx-proxy
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
nginx:
image: nginx:1.19
restart: always
expose:
- "80"
volumes:
- ./config/nginx/conf.d:/etc/nginx/conf.d
- static:/code/static
- ./../ecoplatonica:/usr/share/nginx/html:ro
env_file: ./.env
depends_on:
- web
- nginx-proxy
- letsencrypt
volumes:
.:
postgres_data:
static:
certs:
html:
vhostd:
您需要为 nginx-proxy 安装 acme:/etc/acme.sh 文件夹,因为它是在您每次 up/down 时创建的。另外,将 acme: 添加到最后的 volumes: 部分。
您的日志文件中的条目证明了这一点:
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] The domain key is here: /etc/acme.sh/email@gmail.com/example.com/example.com.key
另外,看看这个doc
我遇到了这个问题,终于弄明白了。
您需要将卷添加到 nginx-proxy: 和 letsencrypt: services volumes: sections something like this:
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
**- acme:/etc/acme.sh**
然后我添加了
卷:
.:
postgres_data:
静态的:
证书:
html:
虚拟主机:
顶点:
现在我有了永久证书。
我正在使用“jwilder/nginx-proxy”和“jrcs/letsencrypt-nginx-proxy-companion”图像自动创建 ssl 证书,当服务器更新并且我 运行“docker -compose down”和“docker-compose up -d”出现以下错误:
letsencrypt_1 | [Mon Feb 8 11:48:47 UTC 2021] Please check log file for more details: /dev/null
letsencrypt_1 | Creating/renewal example.com certificates... (example.com www.example.com)
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Creating domain key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] The domain key is here: /etc/acme.sh/email@gmail.com/example.com/example.com.key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Multi domain='DNS:example.com,DNS:www.example.com'
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Getting domain auth token for each domain
letsencrypt_1 | [Mon Feb 8 11:48:49 UTC 2021] Create new order error. Le_OrderFinalize not found. {
letsencrypt_1 | "type": "urn:ietf:params:acme:error:rateLimited",
letsencrypt_1 | "detail": "Error creating new order :: too many certificates already issued for exact set of domains: example.com,www.example.com: see https://letsencrypt.org/docs/rate-limits/",
letsencrypt_1 | "status": 429
我知道 letsencrypt 允许在一周内创建有限数量的证书。 每次我必须执行“docker-compose down”和“docker-compose up -d”时,我都会使用其中一个实例来生成证书。现在我已经达到了限制,无法使用该网站。
避免生成不需要的证书的方法是什么? 有没有办法重置本周的计数器以继续使用该网站?
我的docker-compose.yml
version: "3"
services:
db:
image: postgres:12
restart: unless-stopped
env_file: ./.env
volumes:
- postgres_data:/var/lib/postgresql/data
web:
build:
context: .
restart: unless-stopped
env_file: ./.env
command: python manage.py runserver 0.0.0.0:80
volumes:
- static:/code/static/
- .:/code
#ports:
# - "8000:8000"
depends_on:
- db
nginx-proxy:
image: jwilder/nginx-proxy
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
nginx:
image: nginx:1.19
restart: always
expose:
- "80"
volumes:
- ./config/nginx/conf.d:/etc/nginx/conf.d
- static:/code/static
- ./../ecoplatonica:/usr/share/nginx/html:ro
env_file: ./.env
depends_on:
- web
- nginx-proxy
- letsencrypt
volumes:
.:
postgres_data:
static:
certs:
html:
vhostd:
您需要为 nginx-proxy 安装 acme:/etc/acme.sh 文件夹,因为它是在您每次 up/down 时创建的。另外,将 acme: 添加到最后的 volumes: 部分。
您的日志文件中的条目证明了这一点:
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] The domain key is here: /etc/acme.sh/email@gmail.com/example.com/example.com.key
另外,看看这个doc
我遇到了这个问题,终于弄明白了。
您需要将卷添加到 nginx-proxy: 和 letsencrypt: services volumes: sections something like this:
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
**- acme:/etc/acme.sh**
然后我添加了
卷: .: postgres_data: 静态的: 证书: html: 虚拟主机: 顶点:
现在我有了永久证书。