I keep getting bad cert

manoThanabalan · November 23, 2019, 10:01pm

Hi Everyone, I had a sweet reliable 1.7 setup and today i made what seems to be a mistake of upgrading because i am getting this annoying msg:

level=debug msg="http: TLS handshake error from 10.255.0.2:65023: remote error: tls: bad certificate"

here is my docker stack file:

version: '3.6'

services:

  traefik:
    image: traefik:2.0.5 # The official Traefik docker image
    hostname: traefik
    networks:
      - im_app_network
    ports:
      - "80:80"     # The HTTP port
      - "8080:8080" # The Web UI (enabled by --api)
      - "443:443"     # The HTTPS port
    deploy:
      placement:
        constraints:
          - node.hostname == imbox.immin.io
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
        - "traefik.http.routers.http-catchall.entrypoints=web"
        - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker"
        - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      restart_policy:
        condition: on-failure
    volumes:
      - traefik-certificates:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro # So that Traefik can listen to the Docker events
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=im_app_network"
      - "--providers.docker.swarmMode=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mydnschallenge.acme.dnschallenge=true"
      - "--certificatesresolvers.mydnschallenge.acme.dnschallenge.provider=route53"
      #- "--certificatesresolvers.mydnschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.mydnschallenge.acme.email="
      - "--certificatesresolvers.mydnschallenge.acme.storage=/letsencrypt/acme.json"
      - "--serverstransport.insecureskipverify"

And here is a sample app i am trying to deploy:

  cosmos-stats:
    image: dockerregistry.immin.io/quorum_netstats:latest
    hostname: cosmos-stats
    networks:
      - im_app_network
    environment:
      WS_SECRET:
    deploy:
      resources:
        limits:
          cpus: '2'
          # memory: 50M
      restart_policy:
        delay: 10s
        max_attempts: 1
        window: 60s
      labels:
        - "traefik.http.services.cosmos-stats.LoadBalancer.server.port=3000"
        - "traefik.enable=true"
        - "traefik.docker.network=im_app_network"
        - "traefik.http.routers.cosmos-stats_http.entryPoints=web"
        - "traefik.http.routers.cosmos-stats_http.rule=Host(`cosmos-stats.immin.io`)"
        - "traefik.http.routers.cosmos-stats_https.entryPoints=websecure"
        - "traefik.http.routers.cosmos-stats_https.rule=Host(`cosmos-stats.immin.io`)"
        - "traefik.http.routers.cosmos-stats_https.tls.certresolver=mydnschallenge"
        - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"

Topic		Replies	Views
Traefik portainer bad certificate Traefik v2 (latest) docker-swarm	15	2695	December 19, 2022
TLS handshake error - unknown certificate Traefik v2 (latest) docker-swarm	6	29708	April 25, 2020
Traefik 2.10 bad certificate error from letsencrypt due dashboard and other services in spite of insecureSkipVerify Traefik v2 (latest) docker , letsencrypt-acme , tcp	2	718	September 17, 2023
"remote error: tls: bad certificate" with traefik:v2.0.0-beta1-alpine Traefik v2 (latest) docker , letsencrypt-acme	4	8448	January 12, 2020
My certificatesResolvers wasn't created when I want to use it Traefik v2 (latest) docker-swarm	1	581	November 5, 2019

I keep getting bad cert

Related Topics