Docker traefik with self-signed certificate

Hey there,

I'm new in the traefik-universe and just before despair .....

I need traefic for https with my own valid cert. This is for all my Docker-Containers (11) because many docker-containers dont allow to set a certificate or its to unnecessarily heavy.

I manged all with Portainer because, its nice for me.

My steps:

  1. I create volumes in docker: docker volume create traefik-ssl && docker volume create traefik-data
  2. Set Portainer:
image:
traefik:latest

ports:
80:80; 443:443; 8080:8080

volumes:
/var/run/docker.sock:/var/run/docker.sock
traefik-data:/etc/traefik
traefik-ssl:/ssl-certs

Not deployed!

Create in traefik-config a traefik.yml with following commands:

# (Optional) Log information
log:
    level: DEBUG  # DEBUG, INFO, WARNING, ERROR, CRITICAL
    format: common  # common, json, logfmt
    filePath: /etc/traefik/traefik.log

# (Optional) Accesslog
# accesslog:
  # format: common  # common, json, logfmt
  # filePath: /var/log/traefik/access.log


global:
  checkNewVersion: true
  sendAnonymousUsage: false

# API and dashboard configuration
api:
  dashboard: true
  insecure: true

# Entry Points configuration
# ---
entryPoints:
  web:
    address: :80
    # (Optional) Redirect to HTTPS
    # ---
    # http:
    #   redirections:
    #     entryPoint:
    #       to: websecure
    #       scheme: https

  websecure:
    address: :443

#Default
providers:
  docker:
    exposedByDefault: false
  file:
    filename: "/etc/traefik/dynamic_config.yml"
    watch: true

Deploy the Container, its starts normally without problems.

Now I read some topics about self-signed-certificates and that traefic2 needs dynamic-config-files for the ssl-certs

  1. Open portainer, edit traefic-container
  2. Create a File as "dynamic_config.yml" with this content:

Dynamic configuration

tls:
  stores:
    default:
      defaultCertificate:
        certFile: /ssl-certs/cert.crt
        keyFile: /ssl-certs/cert.key

and put the crt and key in the /ssl-certs folder

Yeahr and know .... traefic says ... fuuu you with: "No default certificate, generating one" tlsStoreName=default

I try so many ways, but no way was successful ... idk ... my motivation is down and I dont know what I can do

Now my questions...

  1. Whats wrong with this way?
  2. Why traefic create everytime a default cert and dont use my cert?

Sry for my bad english. I hope you will understand my problem and can help me.

Kind regards