Error while creating certificate store error

sunmetis · July 2, 2025, 11:14am

HI .. I have this error with "defauts files certifcates" .. "Error while creating certificate store error="failed to load X509 key pair: tls: failed to find any PEM data in certificate input" tlsStoreName=default"
I tried everything ... Select my tls certifcate (working with all others programes , validate) , self certficate. And even check mounting points and permissions ... Nothing to do.
IN the traefk dashboard I have no errors . How to solve this ? .
tls:
stores:
default:
defaultCertificate:
#certFile: "./TLS/fullchain.pem"
#keyFile: "./TLS/private.key"
certFile: "./Traefik-TLS/fullchain.pem"
keyFile: "./Traefik-TLS/privkey.pem"
options:
default:
sniStrict: false

bluepuma77 · July 2, 2025, 12:39pm

Use 3 backticks before and after code/config (or select and press </> icon) to make it more readable and preserve spacing, which is important in yaml.

Do both of your files have the correct content?

certFile should look like like:

        -----BEGIN CERTIFICATE-----
        MIIDmDCCAx+gAwIBAgISBfsGbJvk20lIcmKqBC8+OMX6MAoGCCqGSM49BAMDMDIx
        ...
        -----END CERTIFICATE-----

        -----BEGIN CERTIFICATE-----
        MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
        ...
        -----BEGIN CERTIFICATE-----

keyFile should look like:

        -----BEGIN PRIVATE KEY-----
        MHcCAQEEIEs+gNvQkO0EX/AyI6dI0Hplb4G8pfRMyDD47MntDgTDoAoGCCqGSM49
        ...
        -----END PRIVATE KEY-----

jhonnmick · July 3, 2025, 11:31am

The error you're seeing (failed to find any PEM data in certificate input) usually means that Traefik couldn't read or parse the contents of your .pem files—most often because they’re either empty, corrupted, or incorrectly formatted. Double-check that fullchain.pem contains one or more -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- blocks and that privkey.pem includes a valid -----BEGIN PRIVATE KEY----- block. Also, verify that the file paths are correct relative to the Traefik container (not the host) and that the files are properly mounted with read permissions.

jcabrerazuniga · July 3, 2025, 7:05pm

Why not you mount the folder that has the certificates as with:

volumes:
  # Mount Certs folder
  - ./certs:/etc/traefik/certs

To verify that Key and Certificate Match:

Extract public key modulus:
- openssl x509 -noout -modulus -in your_certificate.pem | openssl sha256
- openssl rsa -noout -modulus -in your_private_key.pem | openssl sha256

Topic		Replies	Views
Error while creating certificate store: failed to load X509 key pair: tls: failed to find any PEM data in key input" tlsStoreName=default Traefik v2 file	1	2293	March 11, 2022
"Error while creating certificate store: failed to load X509 key pair: tls: failed to find any PEM data Traefik v2 docker	4	2783	January 15, 2021
Error creating certificate store / failed to load X509 key pair: tls: failed to parse private key Traefik v2 file	5	12535	September 2, 2020
Self-signed certificates: failed to find any PEM data in certificate Traefik v2 docker	4	4055	December 31, 2022
Unable to use own certificate Traefik v2 docker-swarm	9	6248	January 27, 2024

Error while creating certificate store error

Related topics