Getting `non-existent resolver` error with letsencrypt tls-challenge

Image: traefik:v2.1

I'm getting below error when trying to use letsencrypt with tls-challenge
level=error msg="the router api@file uses a non-existent resolver: myresolver"

I'm following these two links for configuration.

  1. acme_link
  2. references_link

I even tried removing the previous acme.json file and recreated it but it didn't work either.
link to gist file:


Could you provide your configuration and your logs?

Recommend read:

Hello @ldez, please find below the files.
logs are available here(file too):


version: "3.7"

    external: true
    name: test-network

      replicas: 1
        condition: on-failure
        delay: 5s
        max_attempts: 5
          - node.hostname == gcloud1
          - node.role == manager
        - "traefik.enable=true"
        #  here router is api and in proxy-config.toml file router is myrouter
        #- "traefik.http.routers.api.rule=Host(``) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
        #- "traefik.http.routers.api.service=api@internal"  # Let the dashboard access the traefik api
          #- "traefik.http.routers.api.tls.certresolver=le"
        #- "traefik.http.routers.traefik.entrypoints=web"
        #- "traefik.http.routers.traefik.middlewares=dashboard-auth"      # put your middleware name here separated by comma

        # All middlewares here
        #- "traefik.http.middlewares.dashboard-auth.basicauth.users=test:XXX" # using double $ to skip single $ else not accepted

    hostname: traefik
    image: "traefik:v2.1"
    #user: "${UID}:${GID}"

      - --providers.file.filename=/etc/traefik/proxy-config.toml # Using file for reading the config
      - --entrypoints.web.address=:5050
      - --entrypoints.websecure.address=:443
      #- --api.insecure # enabling dashboard on insecure connection
      - --api=true
      - --api.dashboard=true
      - --api.debug=true
      - --log.level=DEBUG

      - ./proxy-config.toml:/etc/traefik/proxy-config.toml:ro
      - ./letsencrypt/acme.json:/etc/traefik/acme/acme.json:rw

      - target: 5050
        published: 5050
        #protocol: tcp
        mode: host
      - target: 443
        published: 443
        #protocol: tcp
        mode: host
      - target: 8080
        published: 8080
        #protocol: tcp
        mode: ingress # traefik dashboard

      - test-network


    rule = "Host(``)"
    middlewares = ["auth"]
    service = "goserver"
    entryPoints = ["web"]

    rule = "Host(``) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
    middlewares = ["auth"]
    service = "api@internal"
    entryPoints = ["websecure"]  # <-- changed to `websecure` for https else move it back to `web`

    # will route TLS requests (and ignore non tls requests)
      certResolver = "myresolver"
        main = ""

    users = ["test:XX"]

      url = "http://priv_ip:8001"

      email = ""
      storage = "/etc/traefik/acme/acme.json"
      caServer = ""
      #keyType = "EC384"

      # tls challenge

the dynamic configuration and the static configuration must be defined in separated files:

@ldez I have added letsecnrypt config under command in docker-traefik.yaml file and now I'm getting file permission error.

level=error msg="The ACME resolver \"myresolver\" is skipped from the resolvers list because: unable to get ACME account: open /acme.json: permission denied"

file permission on machine is:

ls -lh letsencrypt/acme.json
-rw------- 1 prayag prayag 0 Feb 20 12:45 letsencrypt/acme.json

file permisison and user inside traefik container

/ # ls -lh acme.json
-rw-------    1 nobody   nobody         0 Feb 20 12:45 acme.json

file permission for proxy-config.yaml
on machine

ls -lh proxy-config.toml
-rw-rw-r-- 1 prayag prayag 1.2K Feb 20 18:22 proxy-config.toml

Inside container

/ # ls -lh /etc/traefik/proxy-config.toml
-rw-rw-r--    1 nobody   nobody      1.1K Feb 20 18:22 /etc/traefik/proxy-config.toml

@ldez Please help. I have tried changing the file owner too but it is not working.