I am trying to set up Traefik to generate certificates for my Docker containers; however, I keep getting the following error:
```
="Unable to obtain ACME certificate for domains \"whoami.brigidine.qld.edu.au\": unable to generate a certificate for the domains [whoami.brigidine.qld.edu.au]: error: one or more domains had a problem:\n[whoami.brigidine.qld.edu.au] time limit exceeded: last error: read udp 172.19.0.2:41478->192.168.30.55:53: i/o timeout\n" routerName=whoami@docker rule="Host(`whoami.brigidine.qld.edu.au`)" providerName=le.acme
```
Before I get this error, I successfully get the prompt to update my external DNS provider.
For my challenges I have created an acme-dns Docker container that is also running behind Traefik. I can successfully request a certificate using the Certify The Web client; however, I cannot request certificates using Traefik. The fact that I can request certificates successfully using an alternative client leads me to believe I have configured Traefik incorrectly.
My configs are as follows:
docker-compose.yml (for traefik)
```yaml
version: "3.7"
services:
  traefik:
    image: "traefik:latest"
    container_name: "traefik"
    hostname: "traefik"
    restart: unless-stopped
    ports:
      - "80:80"
      - "8080:8080"
      - "443:443"
      - "53:53"
      - "53:53/udp"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./traefik.yml:/traefik.yml:ro"
      - "./acme.json:/acme.json"
    environment:
      ACME_DNS_API_BASE: http://acme-dns.brigidine.qld.edu.au
      ACME_DNS_STORAGE_PATH: ./acme-dns.json
networks:
  default:
    external:
      name: $DEFAULT_NETWORK
```
traefik.yml:
```yaml
## STATIC CONFIGURATION
log:
  level: DEBUG
api:
  insecure: true
  dashboard: true
entryPoints:
  web:
    address: ":80"
  https:
    address: ":443"
  dns-ep:
    address: ":53"
  dns-udp-ep:
    address: ":53/udp"
certificatesResolvers:
  le:
    acme:
      email: whitakerj@brigidine.qld.edu.au
      storage: ".\acme.json"
      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      dnsChallenge:
        provider: acme-dns
        delayBeforeCheck: 90
        resolvers:
          - "1.1.1.1:53"
          - "8.8.8.8:53"
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
```
docker-compose.yml for the whoami service:
```yaml
version: "3"
services:
  whoami:
    image: containous/whoami
    labels:
      - traefik.enable=true
      - traefik.http.routers.whoami.rule=Host(`whoami.brigidine.qld.edu.au`)
      - traefik.http.routers.whoami.entrypoints=https
      - "traefik.http.routers.whoami.tls=true"
      - "traefik.http.routers.whoami.tls.certresolver=le"
networks:
  default:
    external:
      name: $DEFAULT_NETWORK
```