Hi,
I'm trying to setup traefik to proxy requests to a ssl enabled server, but I cannot seem to get it to work.
The backend server must have ssl enabled.
If passthrough: true is set in traefik.yml, then the browser just gets the self signed cert from the backend service, although the desired outcome is that traefik's self signed cert should be presented.
Else if passthrough is commented, this is the output from the browser:
Network Protocol Error
An error occurred during a connection to sub.domain.tld.
The page you are trying to view cannot be shown because an error in the network protocol was detected.
Please contact the website owners to inform them of this problem.
Any ideas on how to accomplish this?
traefik.yml :
tls:
options:
default:
sniStrict: true
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
stores:
default:
defaultCertificate:
certFile: /etc/traefik/certs/traefik.crt
keyFile: /etc/traefik/certs/traefik.key
certificates:
- certFile: /etc/traefik/certs/traefik.crt
keyFile: /etc/traefik/certs/traefik.key
stores:
- default
tcp:
routers:
serviceA-router:
rule: "HostSNI(`sub.domain.tld`)"
service: serviceA
tls:
#passthrough: true
domains:
- main: "*.domain.tld"
services:
serviceA:
loadBalancer:
servers:
- address: hostname:8443