Cannot connect to RabbitMQ using Let'sEncrypt

Hi, what's wrong in this configuration.
My goal is to connect to TCP port of RabbitMQ with TLS using Let's Encrypt.

http:
   routers:
     toTest:
       rule: "Host(`my.example.com`)" # this works
       service: rabbitmqweb
       tls:
         certResolver: letsencrypt

   services:
     rabbitmqweb:
       loadBalancer:
         servers:
           - url: "http://rabbitmq:15672"

 tcp:
   routers:
     to-rabbitmq:
       entryPoints:
         - "rabbitmq"
       rule: "HostSNI(`my1.example.com`)" #this doesn't work
       service: rabbitmq
       tls:
         certResolver: letsencrypt

   services:
     rabbitmq:
       loadBalancer:
         servers:
           - address: "rabbitmq:5672"



Why do you think it is wrong? Did you receive an error message? Care to tell us?

Share your full Traefik static and dynamic config, and docker-compose.yml if used.

This is an exception from test client:
RabbitMQ.Client.Exceptions.BrokerUnreachableException: 'None of the specified endpoints were reachable'

This is the code (c#):

using System.Security.Authentication;
using System.Text;
using RabbitMQ.Client;

var factory = new ConnectionFactory { HostName = "my1.example.com", UserName="guest",Password= "guest", VirtualHost = "/",
    Port = 5672, Ssl = new SslOption { Enabled = true }
};
using var connection = factory.CreateConnection();

This is docker compose of traefik:

version: '3'

services:
  reverse-proxy:
    # The official v2 Traefik docker image
    image: traefik:v2.10.4
    container_name: traefik
    # restart: always
    # Enables the web UI and tells Traefik to listen to docker
    #network_mode: "host" #nefunguje
    ports:
      # The HTTP port
      - "80:80"
      # The Web UI (enabled by --api.insecure=true)
      - "8080:8080"
      - "443:443"
      - "5432:5432"
      - "5672:5672"
      - "1883:1883"
    volumes:
      # So that Traefik can listen to the Docker events
      - ./:/etc/traefik
      - ./data/traefik.yml:/traefik.yml:ro

Traefik config:

api:
   dashboard: true
   #insecure: true

entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
          permanent: true
  websecure:
    address: ":443"
    http:
      tls:
        certResolver: letsencrypt
  postgres:
    address: ":5432"
  rabbitmq:
    address: ":5672"
  mqtt:
    address: ":1883"
# pilot:
#   dashboard: true

#tracing: {}
log:
  level: DEBUG

providers:
  http:
    endpoint: "http://traefikkonfigurace/traefik.conf"

certificatesResolvers:
  letsencrypt:
     acme:
       email: ********
       storage: acme.json
       keyType: EC384
       httpChallenge:
         entryPoint: web

RabbitMQ docker compose

version: "3.2"
services:
  rabbitmq:
    image: rabbitmq:3-management-alpine
    container_name: 'rabbitmq'
    #ports:
    #    - 5672:5672
    #    - 15672:15672
    volumes:
        - ~/.docker-conf/rabbitmq/data/:/var/lib/rabbitmq/
        - ~/.docker-conf/rabbitmq/log/:/var/log/rabbitmq
    networks:
        - traefik_default

networks:
  traefik_default:
    external: true

Traefik is not in the same Docker network as RabbitMQ, so Traefik can not forward requests to RabbitMQ.

How is that possible?
If i run

docker inspect rabbitmq -f "{{json .NetworkSettings.Networks }}"
docker inspect traefik -f "{{json .NetworkSettings.Networks }}"

then both containers traefik and rabbitmq return result beginning with same network:

{"traefik_default":{"IPAMConfig":null,"Links":null,"Aliases":["rabbitmq", ...
{"traefik_default":{"IPAMConfig":null,"Links":null,"Aliases":["traefik","revers ...

I don’t understand your point. Why is the result cut short?

According to your configs, RabbitMQ is connected to traefik_default, Traefik is not.

It is not true.
Traefik is connected to traefik_default.

docker exec -it traefik  sh
/ # ping rabbitmq
PING rabbitmq (172.19.0.5): 56 data bytes
64 bytes from 172.19.0.5: seq=0 ttl=64 time=0.170 ms
64 bytes from 172.19.0.5: seq=1 ttl=64 time=0.135 ms
^C
--- rabbitmq ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.135/0.152/0.170 ms


According to compose files you posted, only RabbitMQ has

What is http://traefikkonfigurace/traefik.conf?

traefik_default was created when i first started docker compose from folder named traefik.
I use it always this way and it just works and traefik use this network by default.

http://traefikkonfigurace/traefik.conf is just local web site providing dynamic configuration mentioned in my first comment here.
https://my.example.com works well so i suppose it is correct