Error - servers transport not found

Traefik Traefik v3 (latest)
,
1

I want to reverse proxy an application which defaults to https with a self-signed certificate
Here is the docker compose i am using

traefik:
  image: traefik:v3.0
  container_name: traefik
  restart: unless-stopped
  command:
    - --global.sendanonymoususage=false
    - --api=true
    - --entrypoints.web.address=:80
    - --entrypoints.web.http.redirections.entrypoint.to=websecure
    - --entrypoints.web.http.redirections.entrypoint.scheme=https
    - --entrypoints.web.http.redirections.entrypoint.permanent=true
    - --entrypoints.websecure.address=:443
    - --entrypoints.websecure.asDefault=true
    - --entrypoints.websecure.http.tls=true
    - --providers.docker=true
    - --providers.docker.exposedbydefault=false
    - --providers.file.filename=/traefik/config.toml
    - --log.level=DEBUG
  ports:
    - 80:80
    - 443:443
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock:ro
    - /etc/letsencrypt:/etc/letsencrypt
    - /opt/containers/traefik:/traefik
  labels:
    - traefik.enable=true
    - traefik.http.routers.traefik.rule=Host(`traefik.domain.com`)
    - traefik.http.routers.traefik.service=api@internal
    - traefik.http.routers.traefik.middlewares=authtraefik
    - traefik.http.middlewares.authtraefik.basicauth.users=user:pass

  app:
   ...
    ports:
      - 8080:8080
    labels:
      - traefik.enable=true
      - traefik.http.routers.app.rule=Host(`app.domain.com`)
      - traefik.http.services.app.loadbalancer.server.port=8080
      - traefik.http.services.app.loadbalancer.serverstransport=ignorecert
      - traefik.http.services.app.loadbalancer.server.scheme=https

/traefik/config.toml just contains 2 things, the ssl certificate and a serversTransport for containers which use a self signed certificate

[[tls.certificates]]
  certFile = '/etc/letsencrypt/live/{domain}/fullchain.pem'
  keyFile = '/etc/letsencrypt/live/{domain}/privkey.pem'

[http.serversTransports.ignorecert]
  insecureSkipVerify = true

It gives me the following error - ERR github.com/traefik/traefik/v3/pkg/server/router/router.go:136 > error="servers transport not found ignorecert@docker" entryPointName=websecure routerName=app@docker.
Do note that i don't want to enable insecureSkipVerify globally but only for couple of docker containers which use a self signed certificate.

2

Hi,
you can't mix commands ans a static conf file (traefik.toml), in your situation commands are ignored (link)

3

Hello
I don't think that's the case since my ssl certs are always used totally fine as defined in the config.toml. In fact, its not even possible to load any external ssl certs just using the commands as far as i know. Only the serversTransport rule is not working for some reason. i have like dozen other containers which don't have any self signed cert and all of them are served by the ssl cert defined in my config.toml

4

yeah sorry didn't notice it was a dynamic file not a static one, my bad, do you have any logs?

5

yeah, i see the following error in logs related to this very app

ERR github.com/traefik/traefik/v3/pkg/server/router/router.go:136 > error="servers transport not found ignorecert@docker" entryPointName=websecure routerName=app@docker

6

i guess you want to achieve this which needs to be configured in the static file or via commads

7

Thaks but wouldn't this enable insecureSkipVerify globally ? Since i use many other docker containers which don't require this configuration, i need to enable it for only couple of docker containsrs which have a self signed certificate

8

Just fixed the issue, simply had to replace traefik.http.services.app.loadbalancer.serverstransport=ignorecert by traefik.http.services.app.loadbalancer.serverstransport=ignorecert@file to make it explicitly use the file provider

1 Like
9

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.