Commit dc9f8d35 authored by David Danier's avatar David Danier
Browse files

Added HTTPS support (self signed)

parent ce4a79f3
-----BEGIN CERTIFICATE-----
MIIDlDCCAnwCCQC7lkOI/NwaWTANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC
REUxDzANBgNVBAgMBkJheWVybjEbMBkGA1UEBwwSVEVBTTIzIERldmVsb3BtZW50
MRQwEgYDVQQKDAtURUFNMjMgR21iSDEbMBkGA1UECwwSVEVBTTIzIERldmVsb3Bt
ZW50MRswGQYDVQQDDBJMb2NhbCBDQSBSb290IENlcnQwHhcNMTgwMzA0MTQzMjI2
WhcNMTkwMzA0MTQzMjI2WjCBizELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJheWVy
bjEbMBkGA1UEBwwSVEVBTTIzIERldmVsb3BtZW50MRQwEgYDVQQKDAtURUFNMjMg
R21iSDEbMBkGA1UECwwSVEVBTTIzIERldmVsb3BtZW50MRswGQYDVQQDDBJMb2Nh
bCBDQSBSb290IENlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1
nt5NZ/D33hR25bud6rkEog3E3AgnBte8VcGRhqmkGHg00vAweaVPup7UaXLYGFcT
JTKE5W9Xx3IpYmATloPyrdm34+EDTy5r/5Tg5drp8Qd+aswNDelwHXLDuU+5b+Un
35tBUOgioP0skVJR2kFkfaSfwGnmOxilWgvO+21GlO/fVd6n8Dy8fiTU6QA2PIPI
u7BXTAYYa4dSinBKUh1M85imcOyFZm08VuXp4Ysj/ofxkhHoFEKYmJS/Sqx+G12e
AcUB74eNZv0lsy7QPoQ/dThLO6c8qfm3gcau5jhd9c3acJAhjBMcuSwq/qnXxkW/
uhDbMlaXG/RyO53bBDCZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABWQI1mB+fzv
PjUFle4UFWQh8a8gQHBJ26/zuMpylhspecg99i2eRbviUpszV3xh0MLS1ilbiEYg
W4e0B9UH4bkYFWb3ft79uUHbO1kuCFCCdQGXYPtq2lUAT/2FEVo+/vl9v7VEcKXN
1QxGH6kNwMJ2xeBVlWJuzDaAUKf7yU3Tmsxg6sjuAVSVS2ms/uQadpfgjO/YFcVo
TPt1jPbzRjHVFY5gQhEWNuH/EZp8l1/EEYZGxqv7mgdHGsjoyLeSfcB3LjEgbr0f
Qzq2hZJcz/m9TbmndNJMoTUfyhKu61MU4aFoHswfrrNoS1aq/bj+XSY3TTMHdMdp
1VEtdAGkZ9k=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAtZ7eTWfw994UduW7neq5BKINxNwIJwbXvFXBkYappBh4NNLw
MHmlT7qe1Gly2BhXEyUyhOVvV8dyKWJgE5aD8q3Zt+PhA08ua/+U4OXa6fEHfmrM
DQ3pcB1yw7lPuW/lJ9+bQVDoIqD9LJFSUdpBZH2kn8Bp5jsYpVoLzvttRpTv31Xe
p/A8vH4k1OkANjyDyLuwV0wGGGuHUopwSlIdTPOYpnDshWZtPFbl6eGLI/6H8ZIR
6BRCmJiUv0qsfhtdngHFAe+HjWb9JbMu0D6EP3U4SzunPKn5t4HGruY4XfXN2nCQ
IYwTHLksKv6p18ZFv7oQ2zJWlxv0cjud2wQwmQIDAQABAoIBAC1qYKRyjWst+WgR
4myGuWVTMKY9bzxzFZdeylydk+YYyFZNOQqmIJRjUjxDchhfXcbH0m4xATquAPog
Q24igTQ6DOtS7H1rW2xeKNhkIe3F+928zvGkvO7wLjaLLEhulpr161jV5nZiU2zF
mhQlw5xhXr0j3FdaB7uxXKqRbK3tPHuawqYp5EafMD/uH05bc/VGsXqLddf4JZL5
le4STmFo+OWvp1LKXta27zdJF/gOeFp7lFVCNbn68PY/rjHqeAf2VlzbxpjlNcjg
YaEnhIcl9iotnb76X58V4VnuXLsMPPqiiV8R1YXcPlws1uHcdOIVnkkDQ/iux+Ep
jQu3UZECgYEA3gU2FCMVpCwvZ2vSPZIl4Bp6PL9xk6+/M24vKtIyynhfk8dIWGtj
6kE7pDWAAObS35aAYgzfLl3xrYTWXfj4cRUlKGMqS8H4FPaNwfT7KW0uMhnH9EV2
Vos6BOTSZUbC9Die0ounoHkRlTdvLDvUycHwxWEUinajzbWHTH0GZkMCgYEA0WrJ
xuFipk1lEIdrYGhPVuAjum55Ru2sDbxBI3ueKRhSX77YZRMsKdxWFk42r+Y3Vfxn
3zTlTUZTgKwaolmC/r3/0R60rwGMS6CVq9EvZVb0xhTmXBpA9/Elci/OnMT0HXIW
qUC88rze8pwoJ9aAeBPd6LXD3c+SMtwsoQPx9fMCgYEAknX7m8MdRqUDTIVbNtTP
eYvd8W8VXKjGSAY6xVPOv7Qy0MjY18NYMTOBRa0pWO7sUyT0Yjo9jFfa023bADj6
o5agYYkxYLJ/lkyjbTzP5x8oJ1LMjj64dxT3XD0a8kaA2xzy4M/R79GOINJl21dI
4yO2Um7dXw4utsg2jeW4MAMCgYEAxpDIBDDfdip6gsK0uLQPTqO2nOZ1TiC7/EYd
SYTEQdkS+kAeNTCJtqN6aSn+Rqk2nOx4nTctmSjusln94ySWxe7oKqQ/1JTWLztz
z3fIxgE+lLdqebhXFAHubKgR86n4ghcUj6WXw1380/PnS2bjZ3gG+Mmoj6Bq0pjc
JEx2V6sCgYEAyGodeyf7OE8FrsgXCAFzOPltj5Bb3/5bza5B8WoBuiEHWTgxwTav
SHkqmr9clm3TDsZTx7MrDsYWbfH2jkiSG1gWmFWi1HFLF+RdDCMeai8ygJxrLirh
wawyFbapMgzxhWcab3paWZtbj+jNnAOqJ2rFYKCv2DrTdu+KpnBukR0=
-----END RSA PRIVATE KEY-----
CA0EE47124001AED
#!/bin/bash
# Generate Root CA
openssl genrsa -out ca.key 2048 || exit 1
openssl req -new -x509 -days 365 -key ca.key \
-subj "/C=DE/ST=Bayern/L=TEAM23 Development/O=TEAM23 GmbH/OU=TEAM23 Development/CN=Local CA Root Cert" \
-out ca.crt || exit 2
# Generate domain cert
openssl genrsa -out t23dev.key 2048 || exit 3
openssl req -new -sha256 \
-key t23dev.key \
-subj "/C=DE/ST=Bayern/L=TEAM23 Development/O=TEAM23 GmbH/OU=TEAM23 Development/CN=traefik.t23dev" \
-reqexts SAN \
-config <(cat /usr/local/etc/openssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:traefik.t23dev,DNS:*.t23dev,DNS:*.*.t23dev,DNS:*.*.*.t23dev,DNS:*.*.*.*.t23dev")) \
-out t23dev.csr || exit 4
# Sign local cert
openssl x509 -req \
-extfile <(printf "subjectAltName=DNS:traefik.t23dev,DNS:*.t23dev,DNS:*.*.t23dev,DNS:*.*.*.t23dev,DNS:*.*.*.*.t23dev") \
-days 1825 -in t23dev.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out t23dev.crt || exit 5
# Show certificate information
openssl x509 -in t23dev.crt -text || exit 6
-----BEGIN CERTIFICATE-----
MIID6DCCAtCgAwIBAgIJAMoO5HEkABrtMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
VQQGEwJERTEPMA0GA1UECAwGQmF5ZXJuMRswGQYDVQQHDBJURUFNMjMgRGV2ZWxv
cG1lbnQxFDASBgNVBAoMC1RFQU0yMyBHbWJIMRswGQYDVQQLDBJURUFNMjMgRGV2
ZWxvcG1lbnQxGzAZBgNVBAMMEkxvY2FsIENBIFJvb3QgQ2VydDAeFw0xODAzMDQx
NDMyMjdaFw0yMzAzMDMxNDMyMjdaMIGHMQswCQYDVQQGEwJERTEPMA0GA1UECAwG
QmF5ZXJuMRswGQYDVQQHDBJURUFNMjMgRGV2ZWxvcG1lbnQxFDASBgNVBAoMC1RF
QU0yMyBHbWJIMRswGQYDVQQLDBJURUFNMjMgRGV2ZWxvcG1lbnQxFzAVBgNVBAMM
DnRyYWVmaWsudDIzZGV2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
rV1gGFp0Mguo4JMK+G7gNCT7Ca63MfX/xw+/T9TSUKxYMXg3wujOjqj0wcdmRO+o
Ey7kCV/rIynCbejWElTu8bkXXUsjU4SABBZBG1X3xmHwxtmqKaq3cfwZZcZr7jZF
HOnJjTC+z/HNiMTfDQL08Nn6DElrB9JD8+cRj7kWS5s4BGMJQyxav7Ab1RiisggK
bXNn7b1mCcZ+l+2OESaa/afebEyeu+ouKJTAMTxrvFm4gA9YK3/3QM5tIa72A/EJ
/cGOEbiZx18v/WxNg3kn3NcHyMIVtPyAUU5uZzEEBc2phpkLLRoX75uoTKAa9pZ4
VF2XqqJUPdKbkhViTCCYuQIDAQABo1EwTzBNBgNVHREERjBEgg50cmFlZmlrLnQy
M2RldoIIKi50MjNkZXaCCiouKi50MjNkZXaCDCouKi4qLnQyM2RldoIOKi4qLiou
Ki50MjNkZXYwDQYJKoZIhvcNAQEFBQADggEBAG2S0aTsZ2FdA06gA77v2Ho1Dx1I
fWomxKJ589T7YAgRt+CnkxCrhefLDu2Se+O3Rt1ETS68il0D/pNObutE7uiiV7o6
B4hoIaYsylpW0PzsLgRCMYTE5dxDNoKn2RsSqlste7YKWOdb80PZWURRM/4+4OH8
AlmQR0VG7mc9nkF+1UqBN3KHiJtLELVuNniWY7x26sPpXwyt2TraA6fP6CAE6ngW
9e1rZfYBuP7P3PwKg6BvzR+lgHt3koaESg4GGx09Yxyoq389QMm5ZuEDUoq7D2AX
so8HQvG6t0H+mIHrVKkPEg9WoYlDU71+YQFOcXQS9NxXcRKqQ3fjJGd0TDk=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE REQUEST-----
MIIDLTCCAhUCAQAwgYcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm4xGzAZ
BgNVBAcMElRFQU0yMyBEZXZlbG9wbWVudDEUMBIGA1UECgwLVEVBTTIzIEdtYkgx
GzAZBgNVBAsMElRFQU0yMyBEZXZlbG9wbWVudDEXMBUGA1UEAwwOdHJhZWZpay50
MjNkZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtXWAYWnQyC6jg
kwr4buA0JPsJrrcx9f/HD79P1NJQrFgxeDfC6M6OqPTBx2ZE76gTLuQJX+sjKcJt
6NYSVO7xuRddSyNThIAEFkEbVffGYfDG2aopqrdx/BllxmvuNkUc6cmNML7P8c2I
xN8NAvTw2foMSWsH0kPz5xGPuRZLmzgEYwlDLFq/sBvVGKKyCAptc2ftvWYJxn6X
7Y4RJpr9p95sTJ676i4olMAxPGu8WbiAD1grf/dAzm0hrvYD8Qn9wY4RuJnHXy/9
bE2DeSfc1wfIwhW0/IBRTm5nMQQFzamGmQstGhfvm6hMoBr2lnhUXZeqolQ90puS
FWJMIJi5AgMBAAGgYDBeBgkqhkiG9w0BCQ4xUTBPME0GA1UdEQRGMESCDnRyYWVm
aWsudDIzZGV2gggqLnQyM2RldoIKKi4qLnQyM2RldoIMKi4qLioudDIzZGV2gg4q
LiouKi4qLnQyM2RldjANBgkqhkiG9w0BAQsFAAOCAQEAODRoI4/h6nRZ5+iT9aIi
ZrUPMID2rEBJaHYSDekCNi3kqu1S1yRpqd2GFIzbLrlKikLUz+lsI0FMfdxHAkXu
NvIcA9cX9gEotbZ2cuBruKwhKqI+4VPpEY8+6Wyk5XD7KFSkUgZbXu2Eh5vMnO81
w1wceDupr9wYWqBEtCdpnCEZ5ncRYFedo7eglx5bt34JWImtdrttZIuJpygcI6vI
kwsMcPTLCcGu+hyiFeXP+Sdlvtv3c/3vlCeazElnqmcjOu3PdJcQJdqNMBUWjpgg
Ue/9tVTiuQZSdyxJ/8Ll6dpSMmzy0vxlLvvdb+CYCIrJHSWiuEZjfBq9Zc/13S3x
xg==
-----END CERTIFICATE REQUEST-----
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEArV1gGFp0Mguo4JMK+G7gNCT7Ca63MfX/xw+/T9TSUKxYMXg3
wujOjqj0wcdmRO+oEy7kCV/rIynCbejWElTu8bkXXUsjU4SABBZBG1X3xmHwxtmq
Kaq3cfwZZcZr7jZFHOnJjTC+z/HNiMTfDQL08Nn6DElrB9JD8+cRj7kWS5s4BGMJ
Qyxav7Ab1RiisggKbXNn7b1mCcZ+l+2OESaa/afebEyeu+ouKJTAMTxrvFm4gA9Y
K3/3QM5tIa72A/EJ/cGOEbiZx18v/WxNg3kn3NcHyMIVtPyAUU5uZzEEBc2phpkL
LRoX75uoTKAa9pZ4VF2XqqJUPdKbkhViTCCYuQIDAQABAoIBADzeRfkG+TkBAwAm
YHmtZCaqvUE/CK8P8ggQLVl4HYeZmzVzQhC68JsCEz1eJzgY9OgXVJU+Ci7EYLF6
SH8TNvnDxMJKuVJ/ePr2XVGds2sBxCntDmOmvtXUb45eRlLS1x05sDxUWwpjmYhl
pvLIkPtnbPWXaW7LknQ2MuJFV+CfQOD1z96r3GbsYfK3N5I8ds/kynzp6VDLHRie
hIc5cgMDzpvYIBOAlj+FmQZtPLPh8L6bATxAObeEw3MpxafNZzc6D6n4wDaAmmu0
41E1DLLGO7dpiReu5DJG9vU/d8agv7eor7WSnn2WiatN+DQPtKiNEhFVpqhFune9
xfWyAwECgYEA2TeFWl/1gES7ih4KkHnzFGjI4aKnFrr3dqGZuk2oTSPWCmn0A+6x
qRJdSGxImPmVpvYd17qwdhAR4HURb0hgqF7WSMWu2IS2C3rU1t+w86R0x8JPqSTv
vZZkZnwBAiu13mf5GrvaMANg5w/YtlAXPmmSUg1mI8WmbU5rcF+85AkCgYEAzFF5
swVZwO1cvVZh/94vyMcOlX6BVeLoa8MFPtbaKmCY3omxJKEzVo7uXdivsybShln+
rRtqnjslDXcLCZ5ymRBRtI15aMxGeHXfJTi6OzWGeDahDpUUK/FqrHERd5qr06jY
PeVaS4+ylfXpsA8wmtF5pc02OeHtn9cerZiMGzECgYBa/05nSPHxFVo3h1RHqD70
Gt2k4N38wMCwuwxKpwPNpSii3jYye4mD2cSodWyIYW6XLl3cJUKNgzfp/0EZjImp
n2lHvUD9RcN51bBagAWCXC/sC3QR2P5yPxG6eVJ21VbwYEBUOcQy/wdWZSYVYkIK
jHGW3DQg4klRW1vZDNJ1+QKBgBHutLe5qH7+Vj1n74H9hkQg9G66g69+Etgibbtu
MAe4IrKlcx675z2ZneIuun0G00NncqrO1TS+DCp6YEWf2n8Ep6cpI5bHFwhLkCI8
MFwx/nNemBQnkXWp4qrv4ZCVyq7xCsmj76DiI9J1muUQ8DsmV37t2+yIn8p/nvmt
gd6BAoGAF4d88c/9lkmd+qwbl90jqjRVZ/LiFGPX4szE3D9vbyfKWRg94Z095pRF
kG6x3my052TwLrzczszyvi8mhulzy0RATBxLW6tRqHSYGI00kABk39ZrOSqU3uk/
b5DRPdelEm9DPAgt0UXPdLf/tP0PQ/TJNHeHSyzAi1VgKwyHe+8=
-----END RSA PRIVATE KEY-----
......@@ -4,6 +4,7 @@ services:
traefik:
ports:
- "80:80"
- "443:443"
- "8080:8080"
networks:
......
......@@ -7,6 +7,7 @@ services:
- gateway
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./cert:/cert
- ./traefik.toml:/traefik.toml
networks:
......
......@@ -22,8 +22,8 @@ debug = true
# Optional
# Default: ["http"]
#
defaultEntryPoints = ["http"]
#defaultEntryPoints = ["http", "https"]
#defaultEntryPoints = ["http"]
defaultEntryPoints = ["http", "https"]
# Entrypoints definition
#
......@@ -32,15 +32,12 @@ defaultEntryPoints = ["http"]
[entryPoints]
[entryPoints.http]
address = ":80"
# [entryPoints.https]
# address = ":443"
# [entryPoints.https.tls]
# [[entryPoints.https.tls.certificates]]
# CertFile = "integration/fixtures/https/snitest.com.cert"
# KeyFile = "integration/fixtures/https/snitest.com.key"
# [[entryPoints.https.tls.certificates]]
# CertFile = "integration/fixtures/https/snitest.org.cert"
# KeyFile = "integration/fixtures/https/snitest.org.key"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
CertFile = "cert/t23dev.crt"
KeyFile = "cert/t23dev.key"
# Traefik logs
# Enabled by default and log to stdout
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment