Dear Community I am new here and self-taught. i am running a synology nas 1821+ with Container manager (docker), Iam running the following container: ddns-cloudflare-ddns-1, Traefik 3.2.1. and crowdsec. I installed that recently. Till now, no Let's encrypt certificate was received but instead the following error message:
"level":"debug","middlewareName":"crowdsec-bouncer@file","middlewareType":"ForwardAuth","time":"2024-12-24T13:10:19Z","caller":"github.com/traefik/traefik/v3/pkg/middlewares/auth/forward.go:187","message":"Remote error http://bouncer-traefik:8080/api/v1/forwardAuth. StatusCode: 403"
"level":"debug","time":"2024-12-24T13:22:48Z","caller":"github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:228","message":"Serving default certificate for request: """
"time":"2024-12-24T13:48:52Z","caller":"log/log.go:245","level":"debug","message":"http: TLS handshake error from 104.234.115.29:58876: read tcp 192.168.1.80:443->104.234.115.29:58876: i/o timeout"
"level":"info","providerName":"cloudflare.acme","acmeCA":"https://acme-v02.api.letsencrypt.org/directory","time":"2024-12-24T13:53:57Z","caller":"github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:859","message":"Testing certificate renew..."
"time":"2024-12-24T13:56:20Z","caller":"log/log.go:245","level":"debug","message":"http: TLS handshake error from 80.94.93.191:61011: tls: client offered only unsupported versions: [302 301]"
Any suggestions for solving this problem? I am looking forward to your replies
Happy for any suggestions/help!
Use 3 backticks before and after code/config to make it more readable.
Hi bluepuma, as requested here comes the new info:
{"time":"2024-12-24T13:48:52Z", "caller": "log/log.go:245", "level":"debug","message":
"http: TLS handshake error from 104.234.115.29:58876: read tcp 192.168.1.80:443->104.234.115.29:58876: i/o timeout"}
{"level":"info","providerName": "cloudflare.acme","acmeCA":
"https://acme-v02.api.letsencrypt.org/directory", "time":"2024-12-24T13:53:57Z", "caller":"github.com/traefik/traefik/v3/pkg/provider/acme/provider.go:859",
"message": "Testing certificate renew..."}
{"time":"2024-12-24T13:56:20Z", "caller": "log/log.go:245","level":"debug",
"message": "http: TLS handshake error from 80.94.93.191:61011:
tls: client offered only unsupported versions: [302 301]"}
{"level":"debug","time":"2024-12-24T13:56:23Z",
"caller": "github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:228",
"message": "Serving default certificate for request: "bfg-ott.de""}
I hope, this is easier to read
regards FreddieOne
Share your full Traefik static and dynamic config, and docker-compose.yml if used.
Use 3 backticks before and after code/config (or select text and use </> button) to make it more readable and preserve spacing, which is important for yaml.
You see TLS request errors because you serve a default Traefik TLS cert, which is not accepted by a browser/client. So LetsEncrypt seems not to work.
Also the minimum requirements of Traefik default TLS settings seems not to be met by the browser/client.
Hi bluepuma,
request to point 1
You see TLS request errors because you serve a default Traefik TLS cert, which is not accepted by a browser/client. So LetsEncrypt seems not to work.
- at present I switched back to test configuration.
- Any suggestion to solve that problem?
Also the minimum requirements of Traefik default TLS settings seems not to be met by the browser/client.
- How can this be accomplished
Thank you for your quik reply
regards FreddieOne
.. and the crowdsec configureation file
