Good morning, everyone!
I want to access a website of mine through HTTPS with a TLS certificate of my own, but when the browser (Mozilla, Chrome, Edge, all the ones I have tried) tells me that it is insecure and I tell it to proceed anyway, nothing happens. It doesn't show me my web, nor does it give me any error, nothing. It just loads for a long time until it gives up and stays on the insecure certificate page. I tried accessing it over HTTP, and it shows perfectly. I've tried many different docker-compose files and many other configurations in the Traefik files, and even generating TLS certificates for a specific host or a wildcard that I intend to use. The Traefik dashboard doesn't show any error and shows as if everything was connected. The only thing that has caught my attention is the following line in the log, and I can't see where it comes from:
http: TLS handshake error from 192.168.1.1:62265: read tcp 192.168.32.3:443-\u003e192.168.1.1:62265 use of closed network connection"
With the basic TLS example from docs.example the same thing happens to me, which makes me think that the problem lies neither in the docker-compose nor in the configuration files. The DNS service I use is Duckdns, for what it's worth.
The ports are fine: I can access the web through 80, and through 443 it also connects, but it stays on the page asking to accept the risk and continue, since it is a self-signed certificate.
(In this case I use a dedicated domain, whoami.mydomain.duckdns.org, but with a wildcard certificate the same thing happens.)
I even tried the Let's Encrypt compose example, on a trial basis, unchecking the line so that it would create the test/debug certificates, but the same problem occurs. I can see the certificate, but it doesn't load my website.
docker-compose:
version: "3.3"
services:
  traefik:
    image: "traefik:v2.2"
    container_name: "traefik"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./conf:/etc/traefik"
  whoami:
    image: "containous/whoami"
    container_name: "simple-service"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.midominio.duckdns.org`)"
      - "traefik.http.routers.whoami.entrypoints=web, websecure"
      - "traefik.http.routers.whoami.tls=true"
Static Traefik:
# STATIC CONF
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
providers:
  file:
    filename: /etc/traefik/dynamic/dynamic_conf.yml
    watch: true
  docker:
    endpoint: "unix:///var/run/docker.sock"
    watch: true
    network: traefik
    exposedbydefault: false
# Dashboard
api:
  insecure: true   # serves the API and dashboard on :8080 with no authentication
  dashboard: true
# Writing Logs to a File, in JSON
log:
  filePath: "/etc/traefik/log/log-file.log"
  format: json
  level: DEBUG
accessLog:
  filePath: "/etc/traefik/log/accesslog-file.log"
  format: json
Dynamic Traefik:
## Dynamic configuration
http:
  routers:
    ha-router:
      entrypoints:
        - web
        - websecure
      rule: Host(`homeassistant.midominio.duckdns.org`)
      middlewares:
        - auth
      service: ha-service
  middlewares:
    auth:
      basicAuth:
        users:
          - "***:***"
        headerField: "X-WebAuth-User"
        removeHeader: false
  services:
    ha-service:
      loadBalancer:
        servers:
          - url: 'http://172.17.0.1:8123'
tls:
  certificates:
    - certFile: /etc/traefik/certs/tls.cert
      keyFile: /etc/traefik/certs/tls.key
      # certResolver is not a key of a tls.certificates entry (it belongs under a
      # router's tls block and names an ACME resolver), and a CSR is never read here
      # certResolver: /etc/traefik/certs/tls.csr
Since right now I'm just testing with whoami, I've removed the TLS from the Home Assistant router, just to test faster and avoid confusion; once everything works my idea is to use a wildcard certificate and add it to HA.
I've also tried putting in the Dynamic file:
tls:
  stores:
    default:
      defaultCertificate:
        certFile: /etc/traefik/certs/tls.cert
        keyFile: /etc/traefik/certs/tls.key
  certificates:
    - certFile: /etc/traefik/certs/tls.cert
      keyFile: /etc/traefik/certs/tls.key
      stores:
        - default
But nothing changes.
To create the certificate keys (tls.cert and tls.key) I use the following command:
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out tls.cert -keyout tls.key
and to get the csr out of the key, this one:
openssl req -new -key ./tls.key > tls.csr
I know this may be too much text and that it's hard to tell what my problem really is.
In any browser I am able to see that the page has a certificate and that it is the one created by me, but the moment I want to accept the risk (it is my own web and my own cert, there shouldn't be any problem) and continue, it doesn't reach the website; it stays on the warning screen the whole time.
I don't know what to do anymore, I've been fighting with this same problem for almost a week and I'm exhausted. If someone is able to help me, I would be very grateful.
THANKS
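The checks worth running on the certificate files and the endpoint before changing Traefik again, added here as an example (it is not code from the original post or from Traefik): it assumes the openssl CLI is installed, and every host name and path in it is a constructed placeholder.

```shell
#!/bin/sh
# Added example, not code from the original post. Assumes the openssl CLI
# (1.1.1 or newer, for -addext) is installed; every host name and path below
# is a constructed placeholder.
set -u

# Self-signed cert that carries a subjectAltName. The command in the post
# yields a certificate with no SAN, which Chrome and Edge treat as invalid
# for the host regardless of what the CN says.
make_cert() {  # make_cert <dir> <hostname>
  openssl req -new -newkey rsa:2048 -x509 -sha256 -days 365 -nodes \
    -subj "/CN=$2" -addext "subjectAltName=DNS:$2" \
    -out "$1/tls.cert" -keyout "$1/tls.key" 2>/dev/null
}

# True when tls.cert and tls.key belong together. A mismatched pair cannot be
# loaded as a key pair at all, so Traefik would fall back to its own default
# certificate instead of the one named in the file provider.
check_pair() {  # check_pair <certfile> <keyfile>
  c=$(openssl x509 -in "$1" -noout -pubkey) || return 1
  k=$(openssl pkey -in "$2" -pubout) || return 1
  [ "$c" = "$k" ]
}

# True when the certificate's SAN list covers the host the router rule matches.
has_san() {  # has_san <certfile> <hostname>
  openssl x509 -in "$1" -noout -text \
    | grep -A1 'Subject Alternative Name' | grep -q "DNS:$2"
}

# Probe a live endpoint with SNI, the way a browser does. A completed handshake
# prints a "Verify return code" line (18 = self-signed, expected here); a
# connection torn down before that is the same failure the "TLS handshake
# error" log line reports, and it never reaches the router at all.
probe() {  # probe <host> <port> <sni>
  printf '' | openssl s_client -connect "$1:$2" -servername "$3" 2>&1 \
    | grep -E 'CONNECTED|Verify return code|error'
}

# Usage (placeholders):
#   make_cert ./certs whoami.example.duckdns.org
#   check_pair ./certs/tls.cert ./certs/tls.key \
#     && has_san ./certs/tls.cert whoami.example.duckdns.org
#   probe <traefik-host> 443 whoami.example.duckdns.org
```

Run `probe` from the same machine as the browser; if it completes while the browser still hangs, the problem is after the handshake, and if it fails the same way, the certificate pair or the entrypoint is the place to look.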