I'am trying to configure the dashboard on a specfic endpoint ( port ) but without a specific domain - and i try to have TLS enabled - the default "self signed" traefik certificate should be used.
That is what i have configured
UPDATE1: fix minVersion value
UPDATE2: added endpoint for http port too
## see https://docs.traefik.io/reference/static-configuration/file/
[global]
sendAnonymousUsage = false
checkNewVersion = false
[log]
level = "debug"
filePath = "/var/log/traefik.log"
[accessLog]
filePath = "/var/log/traefik.access.log"
[serversTransport]
insecureSkipVerify = false
[serversTransport.forwardingTimeouts]
dialTimeout = "30s"
responseHeaderTimeout = "0s"
[entryPoints]
[entryPoints.http]
address = ":8080"
[entryPoints.http.transport]
[entryPoints.http.transport.respondingTimeouts]
readTimeout = "0s"
writeTimeout = "0s"
idleTimeout = "180s"
######################### tls endpoint configuration ##########################
######################### /tls endpoint configuration/ ##########################
######################### admin backend configuration ##########################
[entryPoints.api]
address = ":8000"
[entryPoints.api.transport]
[entryPoints.api.transport.respondingTimeouts]
readTimeout = "0s"
writeTimeout = "0s"
idleTimeout = "180s"
[api]
insecure = false
dashboard = true
debug = false
[ping]
entryPoint = "api"
# The rest of the configuration for the dashboard can be found under
# /mnt/filestorage/generated-dashboard.toml since it is dynamic ( router )
######################### /admin backend configuration/ ##########################
######################### acme ###########################
######################### /acme/ #########################
######################### rancher fronend/backend defintions ##########################
[providers]
######################### /rancher fronend/backend defintions / ##########################
######################### kubernetes fronend/backend defintions ##########################
######################### /kubernetes fronend/backend defintions/ ##########################
######################### file base fronend/backend defintions ##########################
[providers.file]
directory = "/mnt/filestorage"
watch = true
######################### /file base fronend/backend defintions/ ##########################
######################### docker based fronend/backend defintions ##########################
[providers.docker]
endpoint = "unix:///var/run/docker.sock"
defaultRule = "Host(`{{ normalize .Name }}.docker.lan`)"
exposedByDefault = true
swarmMode = false
constraints = [ ]
######################### /docker based fronend/backend defintions/ ##########################
######################### metrics ##########################
######################### /mentrics/ ##########################
And the dashboard configuration is (dynamic)
[[http.routers]
[http.routers.my-api-https]
entryPoints = ["api"]
rule = "PathPrefix(`/dashboard`) || PathPrefix(`/api`)"
service = "api@internal"
middlewares = []
[http.routers.my-api-https.tls]
options = dashboard
[http.routers.my-api-http]
entryPoints = ["api"]
rule = "PathPrefix(`/dashboard`) || PathPrefix(`/api`)"
service = "api@internal"
middlewares = ["dashboard-ssl-redirect"]
[http.middlewares]
[http.middlewares.dashboard-ssl-redirect.redirectScheme]
scheme = "https"
[tls]
[tls.options]
[tls.options.dashboard]
minVersion = "VersionTLS12"
sniStrict = false
Accessing the dashboard i see in the logs
"http: TLS handshake error from 172.31.36.1:56864: remote error: tls: bad certificate
Removing TLS from the dashboard router and using HTTP does work. Any hints?