Can't get basic auth middleware to work in router where tls is enabled

I've been unable to get basic auth working on an https endpoint with tls enabled using lets encrypt.

nomad, consul, traefik

I use nomad to set tags on services in consul. traefik is configured to use consul as its provider.
generally, the nomad/consul/traefik setup is working.

Steps to enable it:

$ htpasswd -nbB foo bar

Add these tags to my nomad job, which in turn, sets them in consul:


Then, make a browser-based request to our domain (which otherwise works). I am prompted, and the user 'foo' and password 'bar' do not let me through.

I have also tried:

  1. Escaping the $ above by replacing it with: $$.
  2. Using a nearly identical config on a non-tls router. (This setup works for that router)
  3. Attempted to test it with curl: curl -I https://foo:bar@my.domain/login -> 401
  4. Confirm the tags manifest themselves in consul correctly:
  5. Confirmed the router/middleware appears to be configured in traefik: