Hi !
I'm having issues trying to setup a wildcard certificate on my Traefik install on a Kubernetes cluster.
I'm using helm to setup Traefik and can't seem to find the proper way of setting this up and always end with Traefik signing it's own certificate...
Do any of you know of a simple example for doing that ? I had a LetsEncrypt config working just fine but I need to replace it with a "proper" certificate.
I can provide some example fails but I think the usefulness will be limited.
Add something like this to your dynamic configuration:
tls:
certificates:
- certFile: /etc/traefik/ssl/cloudflare-origin.crt
keyFile: /etc/traefik/ssl/cloudflare-origin.key
If you even want to verify the Client Certificate you could use this:
tls:
certificates:
- certFile: /etc/traefik/ssl/cloudflare-origin.crt
keyFile: /etc/traefik/ssl/cloudflare-origin.key
options:
default:
clientAuth:
# in PEM format. each file can contain multiple CAs.
caFiles:
- /etc/traefik/ssl/cloudflare-client.crt
clientAuthType: RequireAndVerifyClientCert
Hope this'll help 
SOLVED:
Fixed the issue by specifying the TLS secret on the IngressRoute like such :
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
namespace: default
name: oppus-curd
spec:
entryPoints:
- websecure
routes:
- match: Host(`api-dev.oppus.fr`)
kind: Rule
services:
- name: oppus-curd-service
port: 3000
tls:
secretName: oppus-tls-secret
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.