Disclaimer: I'm fairly new to Docker and Traefik. I'm slowly progressing and getting to know my Traefik environment.
I have a Docker swarm, in which I currently run these containers using docker-compose: Traefik, viz and a webserver (whoami). I successfully reverse-proxy viz and the webserver, and have the TLS certificates from Let's Encrypt. I also managed to put in an authentication and security headers middleware using a dynamic configuration file.
I have another internal website running (which I call Digimon), outside of my Docker container. I want to reverse-proxy this website using a Let's Encrypt certificate too. However, these certificates do not get downloaded, and I'm presented with the default Traefik certificate. The DNS record has been created in my domain.
The Traefik log shows:

```
time="2019-12-13T10:27:17Z" level=error msg="error while parsing rule HostSNI(`digimon.domain.com`): unsupported function: HostSNI" entryPointName=websecure routerName=digimon@file
```

The access log shows:

```
time="2019-12-13T10:18:03Z" level=debug msg="http: TLS handshake error from 10.0.0.3:63465: remote error: tls: unknown certificate"
```
What am I doing wrong?
This is the dynamic configuration file:
```yaml
tls:
  options:
    default:
      # sniStrict: true
      minVersion: VersionTLS13
    mintls13:
      minVersion: VersionTLS13

http:
  middlewares:
    auth:
      basicAuth:
        users:
          - "test:pwd"
    d-auth:
      digestAuth:
        users:
          - "test:realm:pwd"
        realm: "realm"
    security-headers:
      headers:
        AccessControlAllowOrigin: "origin-list-or-null"
        sslRedirect: true
        stsSeconds: 315360000
        STSPreload: true
        stsIncludeSubdomains: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        frameDeny: true

  services:
    digimon:
      loadBalancer:
        servers:
          - url: "http://192.168.0.10/"

  routers:
    digimon:
      entryPoints:
        - "websecure"
      rule: "HostSNI(`digimon.domain.com`)"
      middlewares:
        - d-auth
        - security-headers
      service: digimon
      tls:
        certresolver: mytlschallenge
```
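
The log error above points at the rule matcher: in Traefik v2, `HostSNI` is a TCP-router matcher, and routers under `http.routers` match hostnames with `Host`. The fragment below is an added example, not part of the original post. It shows the same router with only the matcher changed, and every other name is taken from the configuration above.

```yaml
# Added example: the post's router with the HTTP matcher Host instead of HostSNI.
http:
  routers:
    digimon:
      entryPoints:
        - "websecure"
      # Host() is the HTTP-router matcher; HostSNI() is only parsed under tcp.routers.
      rule: "Host(`digimon.domain.com`)"
      middlewares:
        - d-auth
        - security-headers
      service: digimon
      tls:
        # Resolver name taken from the post. With no tls.domains set, the
        # certificate domain is derived from the Host() rule above.
        certresolver: mytlschallenge
```

While the rule fails to parse, the router is not created, so no certificate is requested for the hostname and clients are served the default Traefik certificate.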