Hi, I managed to obtain certificates with dnsChallange where I also have a different resolver for httpChallange. They both work with LetsEncrypt. I see that the resolver that uses dnsChallange cannot write in the storage where the other is writing acme.json
keeping in memory the certificate until a restart.
Is it explicitly forbidden? I couldn't find any note on that.
my conf:
[certificatesResolvers.leresolver.acme] │`)" providerName=leresolver.acme routerName=oldj@docker
#tlsChallenge = true │time="2021-06-02T09:37:49Z" level=debug msg="No ACME certificate generation required for domains [\"old.isolmant.thux.dev\"]." providerName=leresolver.acme ro
email = "my@email.com" │uterName=oldj@docker rule="Host(`old.isolmant.thux.dev`)"
storage = "/etc/traefik/acme.json" │time="2021-06-02T09:37:49Z" level=debug msg="Looking for provided certificate(s) to validate [\"docker2.thux.dev\"]..." rule="Host(`docker2.thux.dev`)" provid
│erName=leresolver.acme routerName=traefik@docker
[certificatesResolvers.leresolver.acme.httpChallenge] │time="2021-06-02T09:37:49Z" level=debug msg="No ACME certificate generation required for domains [\"docker2.thux.dev\"]." routerName=traefik@docker rule="Host
# used during the challenge │(`docker2.thux.dev`)" providerName=leresolver.acme
entryPoint = "web" │time="2021-06-02T09:37:49Z" level=debug msg="Looking for provided certificate(s) to validate [\"taskflow.thux.dev\"]..." providerName=leresolver.acme routerNa
│me=taskflow-dj-staging@docker rule="Host(`taskflow.thux.dev`) && PathPrefix(`/admin`, `/static`, `/api`, `/media`)"
[certificatesResolvers.le-gandi.acme] │time="2021-06-02T09:37:49Z" level=debug msg="No ACME certificate generation required for domains [\"taskflow.thux.dev\"]." providerName=leresolver.acme router
storage = "/etc/traefik/acme.json" │Name=taskflow-dj-staging@docker rule="Host(`taskflow.thux.dev`) && PathPrefix(`/admin`, `/static`, `/api`, `/media`)"
│time="2021-06-02T09:37:49Z" level=debug msg="Looking for provided certificate(s) to validate [\"opencapital.thux.dev\"]..." providerName=leresolver.acme route
[certificatesResolvers.le-gandi.acme.dnsChallenge] │rName=opencapital@docker rule="Host(`opencapital.thux.dev`)"
provider = "gandiv5" │time="2021-06-02T09:37:49Z" level=debug msg="No ACME certificate generation required for domains [\"opencapital.thux.dev\"]." providerName=leresolver.acme rou
Clearly, no problem using a different store for these certificates... the docs say it cannot be shared between different instances of traefik, does not say it cannot be shared between resolvers.