I have a question on the precedence of the various TLS options.
I have a default tls certificate defined:
stores:
default:
defaultCertificate:
certFile: /etc/traefik/tls/my.dev.crt.pem
keyFile: /etc/traefik/tls/my.dev.key.pem
This works fine and as expected for my various routers.
Now I have defined a router that I want to have a cert issued from via acme. I have a definition in traefik.yml as below:
certificatesResolvers:
dev:
acme:
[etc]
And in my router definition I have:
http:
routers:
mytest_router:
service: mytest
rule: Host(`mytesthost.my.dev`)
priority: 10
tls:
certResolver: dev
[etc]
When I go to the url mytesthost.my.dev I get the certificate from the default store, rather than one being requested through the 'dev' ACME cert resolve.
This leads me to think that when we have a defaultCertificate set we cannot over-ride this with a specific certResolver. If I comment out the default cert store - I see the ACME call being made, so the config looks good. I wondered if it is possible to set some priority or ordering on this?
Has anyone come across this before or can suggest a way to work around it. Ideally I would like to keep the default cert in place and just have a few routers that are making an ACME call.
Thanks.