Hi all,
Working on moving from V1 to V2.
So far all seems to carry over pretty well with the exception of the SSL certificates.
I cannot seem to get it nailed down.
Can someone direct me to the correct location to set the SSL cert to be used?
I have a wild card cert that will be used for all containers sitting behind Traefik.
docker-compose.tml:
version: '3.7'
services:
reverse-proxy:
# The official v2.0 Traefik Docker image
image: traefik:v2.0
# Enables the web UI and tells Traefik to listen to docker
command:
- "--log.level=DEBUG"
- "--log.filepath=/traefik.log"
- "--log.format=json"
- "--api=true"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=true"
- "--entrypoints.http.address=:80"
- "--entrypoints.https.address=:443"
labels:
- "traefik.enable=true"
- "traefik.docker.network=reverse-proxy"
- "traefik.http.routers.traefik.rule=Host(`test.dev.com`)"
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefikloadbalancer.server.port=8080"
ports:
# The HTTP port
- "80:80"
# The HTTPS port
- "443:443"
# The web UI
- "8080:8080"
volumes:
# So that traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock:ro
- /srv/ssl/:/etc/traefik/ssl
- ./logs/traefik.log:/traefik.log
networks:
- reverse-proxy
networks:
reverse-proxy:
name: reverse-proxy
The assistance is appreciated!
xophe
2
Hello !
You can head to https://docs.traefik.io/https/tls/#certificates-stores to define certificates to be used !
I added the following to traefik.toml and still get the self-signed cert...
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "path/to/cert.crt"
keyFile = "path/to/cert.key"
Is there anything beyond that needed?
ldez
4
Hello,
In the v2 the dynamic configuration and the static configuration must be defined in 2 different files.
version: '3.7'
services:
reverse-proxy:
# The official v2.0 Traefik Docker image
image: traefik:v2.0
# Enables the web UI and tells Traefik to listen to docker
command:
- "--log.level=DEBUG"
- "--log.filepath=/traefik.log"
- "--log.format=json"
- "--api=true"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=true"
- "--providers.file=true"
- "--providers.file.filname=/dyn/dynamic.toml"
- "--entrypoints.http.address=:80"
- "--entrypoints.https.address=:443"
labels:
- "traefik.enable=true"
- "traefik.docker.network=reverse-proxy"
- "traefik.http.routers.traefik.rule=Host(`test.dev.com`)"
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefikloadbalancer.server.port=8080"
ports:
# The HTTP port
- "80:80"
# The HTTPS port
- "443:443"
# The web UI
- "8080:8080"
volumes:
# So that traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock:ro
- /srv/ssl/:/etc/traefik/ssl
- ./logs/traefik.log:/traefik.log
- ./dyn/:/dyn/
networks:
- reverse-proxy
networks:
reverse-proxy:
name: reverse-proxy
That did it!
That makes sense now that I see it in a real config file. The Docs didn't make it so clear...
Now...probably for another thread but any container that I try to hit as HTTPS gets the cert correctly but returns a 404...
nicosto
6
Hi
Can you post the snippet of both files static and dynamic
I have a real struggle with the documentation
thanks
zespri
7