Hello,
I'm wondering how traefik match the "Host" condition ?
I have a traefik v2 configuration which seem to work. If I run :
curl https://mysite.domain.com
I get the result.
But, if I run :
curl -k --header "Host:mysite.domain.com" https://192.168.1.1
I get a nice 404 error. I don't what I'm missing here.
PS : 192.168.1.1 is the local IP of traefik
PPS : -k option for curl is to avoid SSL checks
For TLS routers this is matched in the TLS hello.
Use curl's --resolve option and it will be sent correctly:
curl --insecure --resolve mysite.domain.com:443:192.168.1.1 https://mysite.domain.com
Thanks, but that's not what I want to achieve.
I want to explicity request with the IP.
It seems that the command
curl -k --header "Host:mysite.domain.com" https://192.168.1.1
doesn't work if in the config I use :
Host(mysite.domain.com)
And works if I use :
HostHeader(mysite.domain.com)
I don't understand the differences between the 2. For the Host config, Traefik doesn't check the Host header parameter ? What does it checks ?
HostHeader was recently added. But Host should work. What version of Traefik do you have?
v2.2.2 - 2.2.4 introduced and fixed some bugs. v2.2.5 Should be good though. I'm currently on 2.2.1 .
I will correct myself. The SNI is only required for certificate selection so the Host: mysite.domain.com header should work.
Care to share the config ?
I'm on version 2.2.5. Few months ago, the problem was not here, but can't remember the version.
About the config, it's pretty simple and classic.
Traefik.yml :
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: web-secure
scheme: https
web-secure:
address: ":443"
http:
tls:
certResolver: le
dynamic-conf.yml :
http:
routers:
mysite:
rule: "Host(`mysite.domain.com`)"
entryPoints:
- web-secure
service: mysite
services:
mysite:
loadBalancer:
servers:
- url: "http://192.168.20.10"
Ok found the origin: