Http is working - https is not

I think I have done the most simple test of Traefik I can.

I downloaded the default config and added the tls node

address = ":80"

address = ":443"

certFile = "/etc/traefik/home.local.crt"
keyFile = "/etc/traefik/home.local.key"

My docker run looks like this

docker run -d --name Traefik -p 8080:8080 -p 80:80 -p 443:443 -v "//etc/dockerstorage/traefik/traefik.toml:/etc/traefik/traefik.toml" -v /var/run/docker.sock:/var/run/docker.sock traefik:latest

http works fine but https does not. I get an 404 error and it looks like it's the default traefik certifikat that is being used and not my own.

Hi @Hamsterman

TLS will have to be enabled on the Entrypoint or router, this is not done by default.
see: traefik.http.routers.<router_name>.tls

Thanks alot for your reply.

This made it work more or less

address = ":443"

    main = "home.local"
    sans = ["*.home.local"]

Now the https is responding - but I can't figure out how to have Traefik use my own certificate though.

The main and sans options is for requesting certificates via lets encrypt.

[entryPoints.websecure.http.tls] will be enough to activate TLS.

Check the logs for errors/warnings at startup. Enable the debug if necessary.

The router must have a Host rule that matches a certificate, san or wildcard in the certificate otherwise the Traefik Default certificate will be used.

How are you testing https, browser or command line ?

Thanks for your reply

I tried this configuration then:

address = ":80"

address = ":443"

# By default, routers listen to every entry points
rule = "Host(home.local)"
service = "service-1"

Still the TLS (https) is working but the default Traefik certificate is being used.
There are no errors in the log.
Also I find it odd that I don't need to configure where my custom certificate is located so I added this to my docker run

-v "//etc/dockerstorage/traefik/certificates:/certificates:ro"

In the certificates folder I placed home.local.crt and home.local.key (generated with openssl).

I am testing using a browser.

I had the same problem configuring TLS with custom cert.
I'm new to traefik so the following statements may not be accurate.
You need to provide your tls config in a seperate file, like this YAML (tls.yml):

        certFile: /config/tls.crt
        keyFile: /config/tls.key
    - certFile: /config/tls.crt
      keyFile: /config/tls.key

I configure the traefik container like this:

    image: "traefik:v2.4"
    restart: always
    command: >-
      - "80:80"
      - "443:443"
      - ""
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./reverseproxy/:/config/

The local reverseproxy directory contains the three files tls.crt, tls.key and tls.yml (see above)

1 Like

Finally it works - Thanks alot @deceptiveSimplicity

I created the new tls.yml config as you suggested and added this to my .toml config.

directory = "/certificates/"

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.