mTLS between Traefik and Backend service

Traefik Traefik v2 (latest)
1

Hi all,

I had been reading since couple of weeks the topic of mTLS with Traefik. I can find in the internet it is possible to configure Traefik use mTLS from external client to Traefik. In my case I'm interested in mTLS between Traefik itself and the backend service, so that the communication between Traefik and Backend is "secure".

I was reading this option

But not sure if it will make the Traefik request to my backend to use mTLS or not. I just need to get a confirmation from someone so that I can start implementing it, or if someone can share its experience would be great.

Thanks in advance

2

In general you can define a serverTransport with custom certs that you can assign to a Traefik service to use it to connect to the target service with TLS.

3

Hi @bluepuma77

So it means, that the serverTransport should be applied to the Traefik service(container) since it is the one being the client in this case? It should not be declare on the backend service?

thanks

4

You can apply it globally on entrypoint (static config) or assign it to a single Traefik service in dynamic config.

5

When we say Traefik service, we mean the Traefik instance service itself or a service served by Traefik meaning this Traefik Services Documentation - Traefik?

thanks

6

Ok, with some testing, manage to understand it. You meant the service configuration in Traefik. Now it is working.

thanks for the help understanding

7

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.