HTTPS returns 404

shamil · December 9, 2019, 9:42am

I've a bit of a weird problem: HTTP returns the websites fine, however, HTTPS returns a 404

Here's an example for the website: shamil.co.uk:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  creationTimestamp: null
  name: shamilweb
  namespace: shamil
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  entryPoints: []
  routes:
  - kind: Rule
    match: Host(`shamil.co.uk`) && PathPrefix(`/`)
    middlewares: []
    priority: 0
    services:
    - name: shamilweb
      port: 80

And debug logs:

time="2019-12-09T08:55:23Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [web websecure traefik]" routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd
time="2019-12-09T08:55:23Z" level=debug msg="Creating middleware" routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd serviceName=shamil-shamilweb-6796d72460223401241e middlewareName=pipelining middlewareType=Pipelining entryPointName=web
time="2019-12-09T08:55:23Z" level=debug msg="Creating load-balancer" serviceName=shamil-shamilweb-6796d72460223401241e entryPointName=web routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd
time="2019-12-09T08:55:23Z" level=debug msg="Creating server 0 http://192.168.152.42:8080" serverName=0 entryPointName=web routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd serviceName=shamil-shamilweb-6796d72460223401241e
time="2019-12-09T08:55:23Z" level=debug msg="Added outgoing tracing middleware shamil-shamilweb-6796d72460223401241e" entryPointName=web routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd middlewareName=tracing middlewareType=TracingForwarder
time="2019-12-09T08:55:40Z" level=debug msg="Serving default certificate for request: \"shamil.co.uk\""
time="2019-12-09T08:55:41Z" level=debug msg="Serving default certificate for request: \"shamil.co.uk\""
time="2019-12-09T08:57:08Z" level=debug msg="Serving default certificate for request: \"shamil.co.uk\""

Here is the deployment config:

Labels:           app=traefik
  Service Account:  traefik-ingress-controller
  Containers:
   traefik:
    Image:       traefik:v2.0
    Ports:       80/TCP, 443/TCP, 8080/TCP
    Host Ports:  0/TCP, 0/TCP, 0/TCP
    Args:
      --log.level=DEBUG
      --api.insecure
      --accesslog
      --entrypoints.web.Address=:80
      --entrypoints.websecure.Address=:443
      --providers.kubernetescrd
      --certificatesresolvers.default.acme.tlschallenge
      --certificatesresolvers.default.acme.email=shamil@domain.com
      --certificatesresolvers.default.acme.storage=acme.json

All I can see is that it serves the default certificate for the request. Am I missing something in the ingress route?

ldez · December 9, 2019, 9:47am

hello,

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  creationTimestamp: null
  name: shamilweb
  namespace: shamil
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  entryPoints:
  - websecure # your HTTPS entrypoint
  routes:
  - kind: Rule
    match: Host(`shamil.co.uk`) && PathPrefix(`/`)
    middlewares: []
    tls: {}
    services:
    - name: shamilweb
      port: 80

shamil · December 9, 2019, 11:50am

Hi @ldez, it still doesn't work. What data can I give?

time="2019-12-09T11:52:32Z" level=debug msg="Creating middleware" routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd serviceName=shamil-shamilweb-6796d72460223401241e middlewareName=pipelining middlewareType=Pipelining entryPointName=websecure
time="2019-12-09T11:52:32Z" level=debug msg="Creating load-balancer" entryPointName=websecure routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd serviceName=shamil-shamilweb-6796d72460223401241e
time="2019-12-09T11:52:32Z" level=debug msg="Creating server 0 http://192.168.152.42:8080" routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd serviceName=shamil-shamilweb-6796d72460223401241e entryPointName=websecure serverName=0
time="2019-12-09T11:52:32Z" level=debug msg="Added outgoing tracing middleware shamil-shamilweb-6796d72460223401241e" entryPointName=websecure routerName=shamil-shamilweb-6796d72460223401241e@kubernetescrd middlewareType=TracingForwarder middlewareName=tracing
time="2019-12-09T11:53:10Z" level=debug msg="Serving default certificate for request: \"shamil.co.uk\""
time="2019-12-09T11:53:12Z" level=debug msg="Serving default certificate for request: \"shamil.co.uk\""

shamil · December 11, 2019, 5:21pm

@ldez after disabling CloudFlare's proxying, I'm able to get an SSL cert delivered by Traefik, but it's the default one... how do I get an ACME cert?

I noticed this in my logs:

time="2019-12-11T17:21:23Z" level=info msg="Testing certificate renew..." providerName=default.acme
time="2019-12-11T17:21:23Z" level=debug msg="Configuration received from provider default.acme: {\"http\":{},\"tls\":{}}" providerName=default.acme
time="2019-12-11T17:21:23Z" level=debug msg="No default certificate, generating one"

shamil · December 12, 2019, 11:13pm

@ldez any ideas here?

Topic		Replies	Views
IngressRoute gives 404 on https Traefik v2 kubernetes-crd , kubernetes-ingress	1	1579	October 8, 2020
HTTP to HTTPS redirect Traefik v2 kubernetes-ingress	4	1332	August 13, 2020
404 on all the ingresses with TLS on AKS Traefik v2 kubernetes-ingress	3	459	February 23, 2024
HTTP works but HTTPS gives 404 page not found Traefik v2 kubernetes-crd , kubernetes-ingress	7	10272	September 23, 2020
Traefik 2.0 http to https Traefik v2 kubernetes-crd	1	424	November 28, 2019

HTTPS returns 404

Related topics