Traefik (community edition) does not support LetsEncrypt certificate generation when using multiple Traefik instances in Docker Swarm. You need the enterprise version to do sync'ed LE cert validation. (Source)
The issue is that Traefik will start a request, gets a key from LE, but a different Traefik instance will receive the validation and not know about the key.
I created a rough workaround using certbot for LE certificate generation when using multiple Traefik instances in Docker Swarm, it might not be 100% reliable.
Alternatively use a shared acme.json
through a distributed file system, but that might be problematic due to potentially multiple Traefik instances writing to the same file at the same time.