Serving default certificate for request

Traefik Traefik v2
1

I can't set up an HTTPS connection using letsencrypt

proxy-1  | 2024-06-26T07:49:28Z DBG github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:228 > Serving default certificate for request: "mysite.com"
proxy-1  | 2024-06-26T07:49:28Z DBG github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:228 > Serving default certificate for request: "mysite.com"
proxy-1  | 2024-06-26T07:49:28Z DBG log/log.go:245 > http: TLS handshake error from 95.55.219.149:57144: remote error: tls: unknown certificate
proxy-1  | 2024-06-26T07:49:28Z DBG log/log.go:245 > http: TLS handshake error from 95.55.219.149:57145: remote error: tls: unknown certificate
proxy-1  | 2024-06-26T07:49:30Z DBG github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:228 > Serving default certificate for request: "mysite.com"
proxy-1  | 2024-06-26T07:49:30Z DBG github.com/traefik/traefik/v3/pkg/tls/tlsmanager.go:228 > Serving default certificate for request: "mysite.com"
proxy-1  | 2024-06-26T07:49:30Z DBG log/log.go:245 > http: TLS handshake error from 95.55.219.149:57225: remote error: tls: unknown certificate
proxy-1  | 2024-06-26T07:49:30Z DBG log/log.go:245 > http: TLS handshake error from 95.55.219.149:57228: remote error: tls: unknown certificate

my compose file looks like this

version: '3.10'

services:

  mibackend:
    image: mibackend:0.0.1
    restart: always
    labels:
      traefik.enable: true
      traefik.http.routers.mibackend.rule: "PathPrefix(`/`)"
      traefik.http.routers.mibackend.entrypoints: "web"
      traefik.http.routers.mibackend.service: "mibackend"
      traefik.http.services.mibackend.loadbalancer.server.port: 8082

  mongo:
    image: mongo
    restart: always
    container_name: mongodb
    ports:
      - "27017:27017"
    environment:
      MONGO_INITDB_ROOT_USERNAME: admin
      MONGO_INITDB_ROOT_PASSWORD: 12345

  proxy:
    image: traefik:v3.0
    ports:
      - target: 80
        published: 80
        mode: host
      - target: 443
        published: 443
        mode: host
    volumes:
      - ./letsencrypt:/letsencrypt"
      - ./config/traefik.yaml:/etc/traefik/traefik.yaml
      - /var/run/docker.sock:/var/run/docker.sock

  whoami:
    image: traefik/whoami
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`minimateka.ru`)"
      - "traefik.http.routers.whoami.entrypoints=websecure"
      - "traefik.http.routers.whoami.tls.certresolver=myresolver"

and my traefic.yml file look like this

api:
  debug: true
  dashboard: true
  insecure: true

log:
  level: DEBUG

accessLog: {}

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
    watch: true

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

certificatesResolvers:
  myresolver:
    acme:
      email: mymail@gmail.com
      storage: ./letsencrypt/acme.json
      caserver: https://acme-staging-v02.api.letsencrypt.org/directory
      httpchallenge:
        entryPoint: web

I also noticed that the certificate didn’t seem to be downloaded to the correct folder, what did I do wrong?

root@khlqoxmuls:~/MiBackend# cd letsencrypt
root@khlqoxmuls:~/MiBackend/letsencrypt# ls
root@khlqoxmuls:~/MiBackend/letsencrypt#
2

Compare to simple Traefik example.

The issue is probably that you only use PathPrefix() and no Host() on router.

Enable and check Traefik dashboard, Traefik debug log and Traefik access log in JSON format.