Unfortunately I don't have an answer but I have the exact same problem. Hopefully someone more knowledgeable can help.
EDIT: looks like in my case at least I had to enable the file provider specifically in my config, in addition to my docker provider. @aleksvujic Cheers!
or at leaset to a dynamic file... very strange, but that way it works..
@aleksvujic Can not reply, so edited this post:
yes, you must point it to the config file, where you set the tls default cert
I just tried it, to split it up in 2 config files. works, as long, the certificate is set in the file you point the file prvider to. AND the watch: true
Before a new release of Traefik is done with the fix, you should stay on a file for the dynamic configuration, OR be aware that updates inside the watched directory might not be picked by Traefik unless restarted.
Thanks a lot! But my problem was not to understand the basics, but that I dit not found anything in the documentation that the file provider must be setup to use a local certificate...
To add / remove TLS certificates, even when Traefik is already running, their definition can be added to the dynamic configuration, in the [[tls.certificates]] section:
Restriction
In the above example, we've used the file provider to handle these definitions. It is the only available method to configure the certificates (as well as the options and the stores). However, in Kubernetes, the certificates can and must be provided by secrets.
Ok, this was not as clear to me as. But obviously not only for me. I would add the code-snipped as well, that the file-provider must be registered as well in the static configuration.
But THX
PS: don't get me wrong, I love traefik. but this took me almost 3 days of debugging. and I am pretty sure there will others also come across this problem.
I would like to ask: In v2, is there at this moment a way to configure the default certificate in Kubernetes without having to switch to static mode / yml file inside the containers? Is it possible to pass it via command line parameters in the deployment?
I get this too... @joeherold s there any way to do what you did but in a docker-compose file? I'm trying to do this without more config files - and I understand that is possible in docker-compose using 'labels:' and 'command:'
Also, I'm trying to figure out why in traefik's DEBUG output is says
"Adding certificate for domain(s)"
and
"No default certificate, generating one"
twice for each.
Did you figure out if this is possible? I, too, have been using compose files for all other config values, so it seems odd that a separate file would be required in this situation. Any insights appreciated.