I’m setting up traefik in Docker to redirect http to https and grab the cert using lets encrypt.
It appears the cert is being acquired, https redirect is working however when going to my domain I have to add an exception as the cert is not being used.
docker-compose.yml
The certs are listed as valid in acme.json, the docker container logs show no errors. I’ve poked around a bit but don’t seem to see what’s going on here. Any ideas?
Thanks
version: "3.3"
services:
traefik:
image: "traefik:v2.0.7"
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --api
- --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.le.acme.email=letsencrypt@labdomain.cloud
- --certificatesresolvers.le.acme.storage=/acme.json
- --certificatesresolvers.le.acme.tlschallenge=true
ports:
- "80:80"
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "/docker/acme.json:/acme.json"
labels:
# Dashboard
- "traefik.http.routers.traefik.rule=Host(`traefik.labdomain.cloud`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=le"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.middlewares=authtraefik"
- "traefik.http.middlewares.authtraefik.basicauth.users=user:$$apr1$$q8eZFHjF$$Fvmkk//V6Btlaf2i/ju5n/" # user/password
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
my-app:
image: containous/whoami:v1.3.0
labels:
- "traefik.http.routers.my-app.rule=Host(`whoami.labdomain.cloud`)"
- "traefik.http.routers.my-app.tls=true"
- "traefik.http.routers.my-app.tls.certresolver=le"