Hello,
I use Traefik v1.7.20.
Testing my domain with openssl, I get:
verify error:num=20:unable to get local issuer certificate
I have a PEM file, that includes everything:
- private key
- server cert
- intermediate cert
- trusted CA cert
Which looks like this:
-----BEGIN PRIVATE KEY-----
<base64 encoded private key>
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
<base64 encoded server certificate>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<base64 encoded intermediate certificate>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<base64 encoded trusted CA certificate>
-----END CERTIFICATE-----
On the other hand, Traefik accepts 2 files for TLS:
-
key
file -
cert
file
I believe that it is expected the cert
file to include the full CA chain (i.e. the last 3 parts from above example).
However, based on this SO post, I understand that DER
encoded files cannot be used as containers for multiple certificates, which per my understanding -- allows only 1 certificate in the cert
file.
How am I supposed to work this our then?