Http to https redirection using docker-compose and letsencrypt http challenge

rdehuyss · September 2, 2021, 7:10am

Hi there,

we've setup traefik with letsencrypt using http challenge: this part is working like a charm.

We're now also trying to make sure that all http traffic is redirected to https and for some reason, we cannot get this to work. We're only using docker-compose.yml.

Our setup is as follows:

version: "3.3"

services:
  traefik:
    image: "traefik:v2.5.1"
    container_name: "traefik"
    restart: unless-stopped
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.myresolver.acme.email=xgr@example.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    network_mode: "host"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  whoami:
    image: "traefik/whoami"
    container_name: "simple-service"
    labels:
      - traefik.enable=true
      - traefik.http.middlewares.mywebserver-redirect-websecure.redirectscheme.scheme=https
      - traefik.http.routers.mywebserver-web.middlewares=mywebserver-redirect-websecure
      - traefik.http.routers.mywebserver-web.rule=Host(`foobar.example.com`)
      - traefik.http.routers.mywebserver-web.entrypoints=web
      - traefik.http.routers.mywebserver-websecure.rule=Host(`foobar.example.com`)
      - traefik.http.routers.mywebserver-websecure.tls.certresolver=myresolver
      - traefik.http.routers.mywebserver-websecure.tls=true
      - traefik.http.routers.mywebserver-websecure.entrypoints=websecure
      - traefik.http.services.mywebserver-websecure.loadbalancer.server.port=80

When we navigate to https://foorbar.example.com, we get to see the expected output. If we however navigate to http://foobar.example.com, the request in chrome developer tools is first pending but then times out.

What are we doing wrong?

Edit: I also tried to add global redirection in the traefik service itself but this results in the same behaviour. See yaml below:

command:
      - "--providers.docker"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"

Topic		Replies	Views
Https redirection without breaking letsencrypt http challenge Traefik v2 (latest) letsencrypt-acme	4	3528	July 19, 2021
HTTP to HTTPS redirection and error 404 page issue Traefik v2 (latest) letsencrypt-acme	1	133	January 10, 2024
Docker compose with Treafik and portainer + redirect and LetsEnCrypt Traefik v2 (latest) letsencrypt-acme , middleware	7	4187	March 5, 2020
Traefik SSL Let's Encrypt invalid certificate Traefik v2 (latest) docker , letsencrypt-acme	2	516	October 4, 2022
Basic example for" https with let's encrypt" return generated certificat Traefik v2 (latest) docker , letsencrypt-acme	1	933	November 26, 2019

Http to https redirection using docker-compose and letsencrypt http challenge

Related Topics