ACME Cert with docker

rwanito · December 13, 2019, 2:11pm

Hi !

I search to create my own traefik proxy.
I came from this file : https://github.com/containous/blog-posts/blob/master/2019_09_10-101_docker/docker-compose-09.yml

Once configured, when I launch my docker-compose , i get this error :

traefik_1  | time="2019-12-13T14:03:14Z" level=info msg="Configuration loaded from flags."
traefik_1  | time="2019-12-13T14:03:41Z" level=error msg="Unable to obtain ACME certificate for domains \"traefik.domain\": unable to generate a certificate for the domains [traefik.domain]: acme: Error -> One or more domains had a problem:\n[traefik.domain] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Error getting validation data, url: \n" providerName=le.acme rule="Host(`traefik.domain`)" routerName=traefik@docker

The unsecure way works, It redirects me on the 443 port but with a self signed certificate.
So, I don't know where to investigate.

Do you have an idea ?
Thanks !

EDIT
In debug mode, I have :

traefik_1  | time="2019-12-13T14:42:13Z" level=debug msg="legolog: [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/1709551318"
traefik_1  | time="2019-12-13T14:42:13Z" level=debug msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/1709551318"

And some more logs

traefik_1  | time="2019-12-13T14:42:05Z" level=debug msg="http: TLS handshake error from 148.60.99.1:10404: remote error: tls: bad certificate"
traefik_1  | time="2019-12-13T14:42:11Z" level=debug msg="Serving default certificate for request: \"traefik.lannion.rwanito.fr\""
traefik_1  | time="2019-12-13T14:42:11Z" level=debug msg="http: TLS handshake error from 148.60.99.1:10059: remote error: tls: bad certificate"

cpressler63 · December 13, 2019, 4:21pm

Here is a reference project that might help. I use DNS challenge but there is also some info on using http or https-tls challenge.

Let's encrypt needs to validate the domain so it needs to be able to look it up.

rwanito · December 13, 2019, 5:55pm

Hi !
Thanks a lot for your reply !

I'll see it ! It looks complete !

Thanks !

rwanito · December 16, 2019, 8:42pm

HI !
I go back to you.
I've tried our files but I have errors.
I've copied lines from the git for the httpschallenge to my file.

traefikv2    | 2019/12/16 20:41:09 command traefik error: field not found, node: entryPoint

All is configured and unable to start it !
Any idea ?
Thanks !!

EDIT :
Okay, I try with the dns challenge with gandiv5 and it works !

Which one is better ?
Is it possible to use other certificate servers (for example : my own server for local tests ?)

EDIT 2
I can't go to monitor.mydomain with internet. Is it normal ?

Topic		Replies	Views
Acme: error: 403 :: urn:ietf:params:acme:error:unauthorized: Traefik v2 docker , letsencrypt-acme	4	1832	December 6, 2023
Traefik refuses to use my valid ACME certificate, falls back to self signed Traefik v2 docker , letsencrypt-acme	3	1735	August 4, 2023
Certificate problem Traefik v2 docker	0	434	December 2, 2021
Unable to obtain ACME certificate despite setting challenge Traefik v1 docker , letsencrypt-acme	1	4774	July 18, 2019
Dockers Unable to obtain ACME certificate for domains Traefik v2 docker	2	2277	December 4, 2020

ACME Cert with docker

Related topics