Custom SSL certificate results in runtime error

I'm trying to use custom SSL certificate with Traefik, but it doesn't work and when I login to it serves TRAEFIK DEFAULT CERT instead, while logs (from sudo docker logs traefik) show some runtime and handshake errors:

time="2021-02-04T20:43:02Z" level=debug msg="http: panic serving runtime error: invalid memory address or nil pointer dereference"
time="2021-02-04T20:43:02Z" level=debug msg="No default certificate, generating one"
time="2021-02-04T20:43:02Z" level=debug msg="Serving default certificate for request: \"\""
time="2021-02-04T20:43:05Z" level=debug msg="http: TLS handshake error from remote error: tls: unknown certificate"

SSL certificate is bundled from multiple ones in correct order and passes all possible checks I've found. (At first there were some failed to find any PEM data in certificate input errors, but after changes in bundling and file paths they are gone.)

The project folder structure and config files look like that:
/home/user/traefik/certificates/ (and .key)

traefik.toml in /home/user/traefik:

    address = ":80"

        to = "websecure"
        scheme = "https"

    address = ":443"

  level = "DEBUG"

  filePath = "access.log"

    watch = true
    network = "web"

    directory = "/certificates/"
    watch = true
    filename = "/dynamic.toml"

dynamic.toml in /home/user/traefik:

    certFile = "/certificates/"
    keyFile = "/certificates/"
    stores = ["default"]

Script in /home/user/traefik folder:

docker stop traefik

docker rm traefik

docker run -d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v $PWD/traefik.toml:/traefik.toml \
  -v $PWD/dynamic.toml:/dynamic.toml \
  -v $PWD/traefik.log:/traefik.log \
  -v $PWD/access.log:/access.log \
  -v $PWD/certificates/:/certificates/ \
  -p 80:80 \
  -p 443:443 \
  --network web \
  --name traefik \

Part of docker-compose.yml in /home/user/application:

version: '3.0'

      - traefik.http.routers.seatable.rule=Host(``)
      - traefik.http.routers.seatable.tls=true
      - application-net
      - web

    external: false
    external: true

What should I change to make it work?

Hi @vaavdeev

You have conflicting conofiguration using both directory and file. Pretty sure this is using the directory watchand not finding any configuration.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.