How to specify certResolver

owenfi · November 25, 2019, 2:02am

I'm stuck getting my Traefik instance to generate certs (or redirect to HTTPS, but one thing at a time) when viewing view HTTPS.

Here is my attempted config that I believe should be working:

traefik.yml:

entryPoints:
web:
    address: ":80"

  web-secure:
    address: ":443"

  other:
    address: ":9090"

  certificatesResolvers:
    sample:
      acme:
        email: acme@owenimholte.com
        storage: acme.json
        httpChallenge:
        entryPoint: web

http:
  routers:
    engager:
      rule: "Host(`sunkenlighthouse.com`)"
      service: "nginx"
      tls:
          certResolver: sample
     entryPoints:
        - "web-secure"

docker-compose.yml:

nginx:
    image: nginx:latest
    volumes:
      - /Sites/sunkenlighthouse.com:/usr/share/nginx/html
    labels:
      - "traefik.enable=true"

One point I'm not clear about is in the instructions it says to "specify" the certResolver for a given router. This makes sense but the naming is unclear, in the above example would it be "sample" or am I missing the concept? If that were spelled out a bit more in the docs it would be appreciated.

ldez · November 25, 2019, 8:55am

Hello,

traefik.yml

entryPoints:
  web:
    address: ":80"

  web-secure:
    address: ":443"

  other:
    address: ":9090"

providers:
  docker:
    exposedByDefault: false

certificatesResolvers:
  sample:
    acme:
      email: acme@owenimholte.com
      storage: acme.json
      httpChallenge:
      entryPoint: web

docker-compose.yml:

nginx:
    image: nginx:latest
    volumes:
      - /Sites/sunkenlighthouse.com:/usr/share/nginx/html
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nginx.rule=Host(`sunkenlighthouse.com`)"
      - "traefik.http.routers.nginx.tls.certResolver=sample"
      - "traefik.http.routers.nginx.entryPoints=web-secure"

owenfi · November 25, 2019, 9:23am

Thanks very much! Tiny edit, the 2nd label should read ...rule=Host... of course. Thanks!

This has successfully enabled my SSL, I think I can make progress from here. Woohoo!

If I preferred this Nginx biz to be in the Traefik.yml (or another "dynamic" config?), it seems like that should be possible, no?

Not sure why I had so much trouble but one other issue I was having was mapping in an old config file from my previous attempt to get everything working's directory. Cleaning it all up based on your suggestion did the trick. Thanks again!

owenfi · November 25, 2019, 10:24am

I feel I'm very close but for some reason not able to figure out what the docker service-id/name would be. The obvious answer in this case would be nginx but the server only 404's with the following config:

ldez · November 25, 2019, 11:58am

I recommend to use labels instead of file to define routers on container.

Also the file traefik.yml contains the static configuration, so the dynamic configuration must be define in another file and require to enable the file provider.

Topic		Replies	Views
Traefik v2.2 : default certResolver not used (bug ?) Traefik v2 (latest) letsencrypt-acme	2	4238	April 24, 2020
Traefik + Docker + Let's Encrypt Traefik v2 (latest) docker , letsencrypt-acme	4	537	April 6, 2021
Use different certresolvers depending on the domain Traefik v2 (latest) docker , letsencrypt-acme	4	230	January 15, 2024
Certificate resolver Traefik v2 (latest) letsencrypt-acme	6	2514	July 12, 2021
Unable to get HTTPS to work at all Traefik v3 (beta) docker , letsencrypt-acme	2	122	March 2, 2024

How to specify certResolver

Related Topics