|
|
|
@ -30,15 +30,16 @@ self-signed CA.
|
|
|
|
|
``/etc/ssl/certs/ca-certificates.crt`` file.
|
|
|
|
|
3. Restart Traefik.
|
|
|
|
|
|
|
|
|
|
> NOTE: Steps 2. and 3. will need to be repeated each time you get a new CA
|
|
|
|
|
> certificate. Then they can be automated this way:
|
|
|
|
|
> - Start Traefik with this command:
|
|
|
|
|
> ``sh -c "update-ca-certificates && traefik"``
|
|
|
|
|
> while ``/usr/local/share/ca-certificates`` path is a host mounted
|
|
|
|
|
> path with the CA certificate produced by this script.
|
|
|
|
|
> NOTE: I am using Alpine Traefik image, the correct ca certificates path is
|
|
|
|
|
> ``/usr/local/share/ca-certificates/``, otherwise one of these
|
|
|
|
|
> https://golang.org/src/crypto/x509/root_linux.go
|
|
|
|
|
> Steps 2. and 3. will need to be repeated each time you get a new CA
|
|
|
|
|
> certificate. Then they can be automated this way:
|
|
|
|
|
> - Start Traefik with this command:
|
|
|
|
|
> ``sh -c "update-ca-certificates && traefik"``
|
|
|
|
|
> while ``/usr/local/share/ca-certificates`` path is a host mounted
|
|
|
|
|
> path with the CA certificate produced by this script.
|
|
|
|
|
|
|
|
|
|
> I am using Alpine Traefik image, the correct ca certificates path is
|
|
|
|
|
> ``/usr/local/share/ca-certificates/``, otherwise one of these
|
|
|
|
|
> https://golang.org/src/crypto/x509/root_linux.go
|
|
|
|
|
|
|
|
|
|
## Script logic
|
|
|
|
|
- generate CA cert if does not find any.
|
|
|
|
|