Basic https configuration keep getting 404

Hey everyone, I am trying to get traefik v2 work with https wildcard certificate.
My wildcard certificate is correctly applied but I keep getting a 404 error when navigating to traefik.mydomain.com.

I do have an internal dns, so i set up an A record for traefik.
I'll paste my configuration in the hope that some good sould can help me sort this out.

I should mention that without https I can get to the traefik webui.

Docker-compose.yml

version: '3'

services:
  reverse-proxy:
    image: traefik:v2.8
    container_name: traefik
    security_opt:
      - no-new-privileges:true
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock 
      - ./config/traefik.yml:/etc/traefik/traefik.yml:ro 
      - ./config/dynamic.yml:/etc/traefik/dynamic.yml 
      - ./certs:/etc/traefik/certs/ 
    networks:
      - traefik
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=web"
      - "traefik.http.routers.traefik.rule=Host(`traefik.domain.com`)"
      - 'traefik.http.routers.traefik.service=api@internal'
      - "traefik.http.routers.traefik.middlewares=user-auth@file"
      - "traefik.docker.network=traefik"
   
networks:
  traefik:
    external: true

This is my traefik.yml

api:
  dashboard: true 

log:
  level: DEBUG

entryPoints:
  web:
    address: :80
    http:
      redirections:
        entryPoint:
          to: websecure

  websecure:
    address: :443
    http:
      middlewares:
      - secureHeaders@file

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /etc/traefik/dynamic.yml

This is my dynamic config

http:
  middlewares:
    secureHeaders:
      headers:
        sslRedirect: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 31536000

    user-auth:
      basicAuth:
        users:
          - "proxyadmin:password"

tls:
  certificates:
        certFile: "/etc/traefik/certs/domaincert.crt"
        keyFile: "/etc/traefik/certs/domainkey.key"
      stores:
        - default
  stores:
    default:
      defaultCertificate:
        certFile: "/etc/traefik/certs/domaincert.crt"
        keyFile: "/etc/traefik/certs/domainkey.key"
  options:
    default:
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
      minVersion: VersionTLS12

I dont get any error in the logs when launching traefik.

Thanks in advance to anyone kind enough to help.

Sasso

Hi @sassodev , it seems you're redirecting from http to https on the entrypoint but your router is not listening on https, "traefik.http.routers.traefik.entrypoints=web", which means Traefik can't find it when the request gets in on port 443 and then returns a 404 not found error

Thank you douglas, I just read this Traefik blog docker https and it is much much clearer now.

I was able to redirect correctly after starting over my configuration file, and going simple, following the blog post.
I highly raccomend the reading of it to anyone having problems setting up https, or using their own wildcard certificate.

Thank you

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.