我正在从事一个运行Docker并有3个容器的项目：

• Django
• PostgreSQL
• traefik

现在我要生成一个私钥来向我的网站添加SSL证书，问题是我应该在哪里生成私钥？

在运行码头的主服务器内？

还是在Django容器里？

还是在Traefik集装箱里？

我使用的是 python:3.6-alpine trafik： for trafik& Django的

如果应该在容器中生成私钥，那么应该在容器内使用什么命令行来生成私钥？

实际上，我已经构建了private.key和certification.crt文件，在traefik.toml文件中引用了它们，并得到了以下错误：

failed to load X509 key pair: tls: failed to find any PEM data in certificate input

这就是为什么我认为问题在于我在主服务器中生成的private.key，而不是在任何容器中。

如果您想了解更多信息，请在 traefik.toml 文件中使用以下配置：

logLevel = "INFO"
defaultEntryPoints = ["http", "https"]
# Entrypoints, http and https
[entryPoints]
  # http should be redirected to https
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
  # https is the default
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
    [[entryPoints.https.tls.certificates]]
    certFile = "/certs/ new_cert_v2.chained.crt"
    keyFile = "/certs/hrattendence_gs-group_nl.key"
[file]
[backends]
  [backends.django]
    [backends.django.servers.server1]
      url = "http://django:5000"
[frontends]
  [frontends.django]
    backend = "django"
    passHostHeader = true
    [frontends.django.headers]
      HostsProxyHeaders = ['X-CSRFToken']
    [frontends.django.routes.dr1]
      rule = "Host:IP here"

以下是完整的错误消息：

traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Using TOML configuration file /etc/traefik/traefik.toml"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="No tls.defaultCertificate given for https: using the first item in tls.certificates as a fallback."
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Traefik version v1.7.16 built on 2019-09-13_01:12:20PM"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/basics/#collected-data\n"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=error msg="failed to load X509 key pair: tls: failed to find any PEM data in certificate input"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Preparing server http &{Address::80 TLS:<nil> Redirect:0xc000b04b40 Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0008fba60} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Preparing server https &{Address::443 TLS:0xc0007797a0 Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0008fba80} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=error msg="Unable to add a certificate to the entryPoint \"https\" : unable to generate TLS certificate : tls: failed to find any PEM data in certificate input"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Starting provider configuration.ProviderAggregator {}"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Starting server on :443"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Starting server on :80"
traefik_1_623bf12389b8 | time="2020-09-19T14:24:35Z" level=info msg="Starting provider *file.Provider {\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"TemplateVersion\":0,\"DebugLogGeneratedTemplate\":false,\"Directory\":\"\",\"TraefikFile\":\"/etc/traefik/traefik.toml\"}"