"Error while creating certificate store: failed to load X509 key pair: tls: failed to find any PEM data

jonny7 · January 14, 2021, 6:15pm

I'm having trouble launching traefik correctly. I already have multiple containers running with nginx reverse proxies and wanted to see about removing nginx and using Traefik

My traefik config file looks like this:

[entryPoints.web]
    address = ":80"
    [entryPoints.web.http.redirections.entryPoint]
      to = "websecure"
      scheme = "https"

  [entryPoints.websecure]
    address = ":443"

[api]
  dashboard = true

[providers.docker]
  watch = true
  network = "traefik"

[providers.file]
  filename = "traefik_dynamic.toml"
  watch = true

I have the dynamic file looking like this:

[http.middlewares.simpleAuth.basicAuth]
  users = [
    "admin:password"
  ]
[http.routers.api]
  rule = "Host(`my_domain.com`)"
  entrypoints = ["web"]
  middlewares = ["simpleAuth"]
  service = "api@internal"

[tls.stores]
  [tls.stores.default]
    [tls.stores.default.defaultCertificate]
      certFile = "/domain.cert"
      keyFile = "/domain.key"

When I launch traefik I mount the ssl crt and key to the route of the file system and have ran docker exec and can see them there. So I'm not sure what is wrong here? Even when I continue past the https error I just see 404 page not found

cakiwi · January 14, 2021, 7:31pm

Hello @jonny7 ,

Welcome to the community,

From your topic title the format of the cert file is not compatible. Double check the certificate is in PEM format.

Your router is configured for entrypoint web. You configured that entrypoint to redirect to https. There is no router on the websecure entrypoint, so you get a 404.

Either change the entrypoints on the router to websecure, or remove entypoints from the router altogether.

jonny7 · January 14, 2021, 8:01pm

Hi @cakiwi

Thanks for the help, so the first issue was a pesky spelling oversight

I did notice after I posted that my [http.routers.api] entrypoint was web, so I updated that to websecure & I also removed the entrypoints = ["websecure"]. Both still resulted in the 404. I just today started looking at Traefik, so it's a bit to get used to

So I'm not entirely sure what I've done wrong

jonny7 · January 15, 2021, 2:59pm

Ah ok, so I added [http.routers.api.tls] to my [http.routers.api] block. So I get the basic auth prompt, but I always get a 401 now.

Updated, Ok, I missed the piece on basic auth requiring a SHA encryption

system · January 18, 2021, 2:59pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error while creating certificate store: failed to load X509 key pair: tls: failed to find any PEM data in key input" tlsStoreName=default Traefik v2 file	1	2274	March 11, 2022
Error failed to load X509 key pair / failed to find any PEM data in certificate input Traefik v2 docker	3	1878	July 3, 2023
Default Certificate not working Traefik v2 docker	8	15889	January 3, 2022
Self-signed certificates: failed to find any PEM data in certificate Traefik v2 docker	4	3731	December 31, 2022
Unable to use own certificate Traefik v2 docker-swarm	9	6189	January 27, 2024

"Error while creating certificate store: failed to load X509 key pair: tls: failed to find any PEM data

Related topics