Hello all! I've been trying to use a self signed certificate with traefik, to secure all *.localhost domains. I'm tryin to make the traefik dashboard be accessible at traefik.localhost, with other services being accessible at either something.localhost or something.somewhere.localhost. I can reach the dashboard via http, if I change the entrypoint to "web". But it doesn't work with web-secure/https. I get error 404 in this case.
My files are as follows:
Docker compose:
version: "3.8"
services:
traefik:
image: "traefik:latest"
ports:
- "80:80"
- "443:443"
volumes:
- "./certs:/etc/traefik/certs"
- "./traefik/traefik.yaml:/etc/traefik/traefik.yml"
- "./traefik/dynamic.yaml:/etc/traefik/dynamic.yml"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.entrypoints=web-secure"
- "traefik.http.routers.api.rule=Host(`traefik.localhost`)"
- "traefik.http.routers.api.service=api@internal"
networks:
frontend:
backend:
networks:
frontend:
driver: "bridge"
backend:
driver: "bridge"
Static Configuration:
api:
insecure: true
entryPoints:
web:
address: ":80"
web-secure:
address: ":443"
providers:
docker:
exposedByDefault: false
file:
filename: "/etc/traefik/dynamic.yml"
log:
level: DEBUG
Dynamic Configuration:
tls:
stores:
default:
defaultCertificate:
certFile: "/etc/traefik/certs/cert.crt"
keyFile: "/etc/traefik/certs/cert.key
Upon inspecting the logs, I see the error message:
2023-07-20 17:51:00 time="2023-07-20T12:21:00Z" level=debug msg="Serving default certificate for request: \"traefik.localhost\""
2023-07-20 17:51:00 time="2023-07-20T12:21:00Z" level=debug msg="http: TLS handshake error from 192.168.0.1:49644: remote error: tls: unknown certificate"
2023-07-20 17:51:02 time="2023-07-20T12:21:02Z" level=debug msg="Serving default certificate for request: \"traefik.localhost\""
2023-07-20 17:51:02 time="2023-07-20T12:21:02Z" level=debug msg="http: TLS handshake error from 192.168.0.1:49648: remote error: tls: unknown certificate"
2023-07-20 17:51:02 time="2023-07-20T12:21:02Z" level=debug msg="Serving default certificate for request: \"traefik.localhost\""
I've tried to add the certificates to keychain on my machine, to see if that might be the issue, but it did not work.
Any help with this is greatly appreaciated. I'm still trying to understand all this, so if you can please explain what I did wrong, then I would like to study it in more detail. Thanks!