Can traefik terminate an SSL connection and create a new SSL connection to the backend service

dduportal · November 15, 2019, 2:51pm

Hi @workasr, the documentation about TLS at the "Router" level is for the "incoming" part of the requests.

As you can read in https://docs.traefik.io/routing/overview/, the Traefik object you're looking for is a "Service" (https://docs.traefik.io/routing/services/), which represents the backend services (e.g. your applications behind traefik).

Depending on the kind of dynamic configuration provider (File, Docker, Kubernetes, etc.), there are different way to re-establish a new SSL/TLS connection to the backend (assuming that your backend service is serving a valid TLS certificate chain. If not, let us know as the certificate or the CA authority has to be provided to Traefik, or TLS connection made insecure with insecureSkipVerify):

With file provider, set the url directive of the server(s) definition to https://<ip of backend>:443 for instance
With docker (engine or swarm), set the server.scheme label to the value https:

- "traefik.http.services.myservice.loadbalancer.server.scheme=http"

as per https://docs.traefik.io/routing/providers/docker/#services .

Topic		Replies	Views
Terminating TLS and Re-encrypt Traefik v2 rancher , docker	9	1624	January 30, 2024
SSL terminated on host by server company. What do I need to do? Traefik v2 docker	4	429	November 29, 2022
Is it possible to perform SSL termination solely at a service's container without a TCP Router? Traefik v2 docker-swarm , tcp , middleware	8	1285	November 8, 2019
Terminate TLS and forward new HTTPS request Traefik v2 kubernetes-ingress , middleware	1	522	November 30, 2020
Tls termination - https to http, simple guide Traefik v3 (latest) docker	2	292	September 27, 2024

Can traefik terminate an SSL connection and create a new SSL connection to the backend service

Related topics