Following along in the docs DNS Challenge - Traefik and enabled staging to test if things would work before using cloudflare, composed down, removed the folders, comment the staging line, saved, and brought the compose file back up but when i visit whoami i still have a cert warning and it shows up as staging cert?
last debug message is
traefik | time="2022-01-24T03:04:39Z" level=debug msg="Try to challenge certificate for domain [whoami.mydomain.xyz] found in HostSNI rule" providerName=myresolver.acme routerName=whoami@docker rule="Host(`whoami.mydomain.xyz`)"
traefik | time="2022-01-24T03:04:39Z" level=debug msg="Looking for provided certificate(s) to validate [\"whoami.mydomain.xyz\"]..." rule="Host(`whoami.mydomain.xyz`)" providerName=myresolver.acme routerName=whoami@docker
traefik | time="2022-01-24T03:04:39Z" level=debug msg="No ACME certificate generation required for domains [\"whoami.mydomain.xyz\"]." providerName=myresolver.acme routerName=whoami@docker rule="Host(`whoami.mydomain.xyz`)"
traefik | time="2022-01-24T03:05:22Z" level=debug msg="http: TLS handshake error from 192.168.12.19:50084: remote error: tls: unknown certificate authority"
version: "3.3"
services:
traefik:
image: "traefik:v2.5"
container_name: "traefik"
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.dnschallenge=true"
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare"
# - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=mymail@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
environment:
- "CF_API_EMAIL=mymail@gmail.com"
- "CF_API_KEY=asd"
# - "CF_DNS_API_TOKEN=asd"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
whoami:
image: "traefik/whoami"
container_name: "simple-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`whoami.mydomain.xyz`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls.certresolver=myresolver"