Debug TLS store

Hi,

I want to use custom TLS certificates with my traefik v3.1.0 which is running with docker-compose.

Let's Encrypt works so far, but for some reasons I wanted to experiment and use certificates I got with acme.sh or mkcert (for local purposes).

For this:

  • I have mounted my folder under /tls in the container
  • Referenced all the files in my traefik.yaml
  • Replaced my label from the service container with something like traefik.http.routers.myservice.tls=true
  • double-checked that the certificates and keys are readable (docker exec sh in the container and cat the files, compared the paths with the ones from the yaml).

I have all sorts of certificates; "real" ones from ZeroSSL with wildcards and for single domains, and self-created ones from mkcert.

Observation: For my service, traefik always returns the traefik default certificate. I have no evidence that traefik has loaded them; I don't see anything in the logs.

Question: What can I do to debug this? Is there something which should be in the logs, if traefik loaded certificates, or something else I can do?

Thanks!

Aaaaargh ... found the mistake.

To anyone reading this: If you - like me - use files, make sure that you distinguish between static and dynamic configuration. I was not paying attention to this.

In my case, I added the tls: section to traefik.yaml, which did not work. I then added an additional entry to the providers: section, pointing to tls.yaml, where I now added my certificates.

Then, it worked.

And yes, the logs (in debug level at least) mention the TLS certificates which are loaded and added to the store.
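
The static/dynamic split described in the reply above, as an added example that is not part of the original posts. The path /etc/traefik/tls.yaml and the certificate file names are constructed assumptions; only the /tls mount, traefik.yaml and tls.yaml come from the thread.

```yaml
# --- traefik.yaml (static configuration, read once at startup) ---
log:
  level: DEBUG            # the reply notes that loaded certificates are mentioned at debug level

providers:
  docker: {}              # keeps router labels such as traefik.http.routers.myservice.tls=true working
  file:
    filename: /etc/traefik/tls.yaml   # assumed path of the dynamic file inside the container
    watch: true                       # reload when the file changes

# A top-level "tls:" section with certificates does not belong in this file.
# Per the reply above, certificates declared here were not served.

---
# --- tls.yaml (dynamic configuration, loaded through the file provider) ---
tls:
  certificates:
    # constructed file names under the mounted /tls folder
    - certFile: /tls/example.test.crt
      keyFile: /tls/example.test.key
    - certFile: /tls/wildcard.example.test.crt
      keyFile: /tls/wildcard.example.test.key
```

Traefik selects from this list by matching the requested host name (SNI) against the names in each certificate and falls back to its default certificate when nothing matches, so a default certificate in the response can also mean a name mismatch rather than a loading failure.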
