ACME Cert with docker

Hi !

I search to create my own traefik proxy.
I came from this file :

Once configured, when I launch my docker-compose , i get this error :

traefik_1  | time="2019-12-13T14:03:14Z" level=info msg="Configuration loaded from flags."
traefik_1  | time="2019-12-13T14:03:41Z" level=error msg="Unable to obtain ACME certificate for domains \"traefik.domain\": unable to generate a certificate for the domains [traefik.domain]: acme: Error -> One or more domains had a problem:\n[traefik.domain] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Error getting validation data, url: \n" providerName=le.acme rule="Host(`traefik.domain`)" routerName=traefik@docker

The unsecure way works, It redirects me on the 443 port but with a self signed certificate.
So, I don't know where to investigate.

Do you have an idea ?
Thanks !

In debug mode, I have :

traefik_1  | time="2019-12-13T14:42:13Z" level=debug msg="legolog: [INFO] Deactivating auth:"
traefik_1  | time="2019-12-13T14:42:13Z" level=debug msg="legolog: [INFO] Unable to deactivate the authorization:"

And some more logs

traefik_1  | time="2019-12-13T14:42:05Z" level=debug msg="http: TLS handshake error from remote error: tls: bad certificate"
traefik_1  | time="2019-12-13T14:42:11Z" level=debug msg="Serving default certificate for request: \"\""
traefik_1  | time="2019-12-13T14:42:11Z" level=debug msg="http: TLS handshake error from remote error: tls: bad certificate"

Here is a reference project that might help. I use DNS challenge but there is also some info on using http or https-tls challenge.

Let's encrypt needs to validate the domain so it needs to be able to look it up.

Hi !
Thanks a lot for your reply !

I'll see it ! It looks complete !

Thanks !

HI !
I go back to you.
I've tried our files but I have errors.
I've copied lines from the git for the httpschallenge to my file.

traefikv2    | 2019/12/16 20:41:09 command traefik error: field not found, node: entryPoint

All is configured and unable to start it !
Any idea ?
Thanks !!

Okay, I try with the dns challenge with gandiv5 and it works !

Which one is better ?
Is it possible to use other certificate servers (for example : my own server for local tests ?)

EDIT 2 :slight_smile:
I can't go to monitor.mydomain with internet. Is it normal ?