I have setup traffic to use a certificate that I provide in a folder. So far that works when defining the cert as default - didn't manage to bind it only to https endpoint . The setup looks like this:
traefik-test:
image: traefik:v2.5
container_name: traefik-test
restart: always
command:
- "--log.level=DEBUG"
- "--api=true"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.network=traefik_proxy_test"
- "--serversTransport.insecureSkipVerify=true"
- "--entrypoints.https.address=:443"
- "--providers.file=true"
- "--providers.file.filename=/dyn/dynamic.toml"
networks:
- traefik_proxy_test
ports:
- "444:443"
- "8082:8080"
volumes:
- ${USERDIR}/docker/traefik/ssl:/etc/traefik/ssl
- ${USERDIR}/docker/traefik/dyn:/dyn
- /var/run/docker.sock:/var/run/docker.sock:ro
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik_proxy_test"
- "traefik.http.routers.traefik.rule=Host(`test.${DOMAINNAME}`)"
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefikloadbalancer.server.port=8080"
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/etc/traefik/ssl/cert.pem"
keyFile = "/etc/traefik/ssl/key.pem"
However refreshing the certificate by replacing the files does not work. I need to restart traefik to recognize the new certificates. Is there a better way to make traefik aware of updated certificates? I don't like to terminate my users.