错误：“dl.eff.org”的证书不受信任

Question

我正在研究 docker、node 和 graphql，并希望让我的项目在 HTTPS 中可用。

我找到了解释如何执行此操作的本教程 (https://techsparx.com/nodejs/docker/express-https.html)，但我遇到了错误并且找不到有效的解决方案。

Building certbot
[+] Building 2.8s (9/11)                                                                                                                       
 => [internal] load build definition from Dockerfile                                                                                      0.0s
 => => transferring dockerfile: 840B                                                                                                      0.0s
 => [internal] load .dockerignore                                                                                                         0.0s
 => => transferring context: 2B                                                                                                           0.0s
 => [internal] load metadata for docker.io/library/debian:jessie                                                                          1.9s
 => [auth] library/debian:pull token for registry-1.docker.io                                                                             0.0s
 => [1/7] FROM docker.io/library/debian:jessie@sha256:32ad5050caffb2c7e969dac873bce2c370015c2256ff984b70c1c08b3a2816a0                    0.0s
 => CACHED [2/7] RUN apt-get update    && apt-get install -y cron bash wget                                                               0.0s
 => CACHED [3/7] RUN mkdir -p /webroots/bgl8700.com.br/.well-known /scripts                                                               0.0s
 => CACHED [4/7] WORKDIR /scripts                                                                                                         0.0s
 => ERROR [5/7] RUN wget https://dl.eff.org/certbot-auto                                                                                  0.7s
------                                                                                                                                         
 > [5/7] RUN wget https://dl.eff.org/certbot-auto:                                                                                             
#11 0.347 converted 'https://dl.eff.org/certbot-auto' (ANSI_X3.4-1968) -> 'https://dl.eff.org/certbot-auto' (UTF-8)                            
#11 0.347 --2021-10-24 20:20:12--  https://dl.eff.org/certbot-auto
#11 0.361 Resolving dl.eff.org (dl.eff.org)... 151.101.176.201, 2a04:4e42:2a::201
#11 0.569 Connecting to dl.eff.org (dl.eff.org)|151.101.176.201|:443... connected.
#11 0.640 ERROR: The certificate of 'dl.eff.org' is not trusted.
#11 0.640 ERROR: The certificate of 'dl.eff.org' has expired.
------
executor failed running [/bin/sh -c wget https://dl.eff.org/certbot-auto]: exit code: 5
ERROR: Service 'certbot' failed to build : Build failed

这是 Dockerfile：

FROM debian:jessie

# Install cron, certbot, bash, plus any other dependencies
RUN apt-get update \
   && apt-get install -y cron bash wget
RUN mkdir -p /webroots/bgl8700.com.br/.well-known /scripts

WORKDIR /scripts
RUN wget https://dl.eff.org/certbot-auto 
RUN chmod a+x ./certbot-auto
# Run certbot-auto so that it installs itself
RUN /scripts/certbot-auto -n certificates

# /webroots/DOMAIN.TLD/.well-known/... files go here
VOLUME /webroots
VOLUME /etc/letsencrypt

# This installs a Crontab entry which 
# runs "certbot renew" on several days of each week at 03:22 AM
#
# RUN echo "22 03 * * 2,4,6,7 root /scripts/certbot-auto renew" >/etc/cron.d/certbot

CMD [ "cron", "-f" ]

这是寄存器：

#!/bin/sh
/scripts/certbot-auto certonly --webroot -w /webroots/$1 -d $1

文件夹结构：

certbot/
   - Dockerfile
   - register

Answer 1

您需要仔细查看设置中使用的 SSL 证书。毕竟你有消息

#11 0.640 ERROR: The certificate of 'dl.eff.org' is not trusted.
#11 0.640 ERROR: The certificate of 'dl.eff.org' has expired.

因此，请检查证书是在您的流程中创建的位置 - 如果不是，那么您需要添加该部分。