Crofex
June 2, 2021, 10:49am
1
Hello there!
I´m fairly new to Docker and Traefik but I managed to reverse Proxy my internal Exchange with Traefik. Connections can be established most of the Time. We don´t use RPC over HTTP but MAPI over HTTP.
Now and then our employees get connection issues with our Exchange and we cant find the cause for this.
Our Container Log is full of:
Our Config File looks like this
tcp:
routers:
https.activesync.DOMAIN.de:
rule: HostSNI(`activesync.DOMAIN.de`)
entryPoints:
- websecure
service: activesync.DOMAIN.de
tls:
passthrough: true
services:
activesync.DOMAIN.de:
loadBalancer:
servers:
- address: interal.ip.of.Exchange:443
What does these Errormsg mean?
Can someone help?
Thanks in advance
Chris
jbd
June 4, 2021, 12:37pm
2
Hello @Crofex ,
Thanks for your interest in Traefik!
You can try to define an appropriate termination delay on your TCP load balancer with the value you mentioned in the Github issue :
LB TCP Idle time out = 35 minutes
So, it could be something like:
services:
activesync.DOMAIN.de:
loadBalancer:
terminationDelay: 35m
servers:
- address: interal.ip.of.Exchange:443
Let me know if it resolves your issue
1 Like
Crofex
June 4, 2021, 12:48pm
3
Hi,
thanks for the reply.
I added this inside my config and got many Errors and Certificate Warnings.
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="http: TLS handshake error from 10.16.31.111:52066: remote error: tls: unknown certificate"
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="http: TLS handshake error from 95.90.251.94:22597: remote error: tls: unknown certificate"
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="http: TLS handshake error from 80.187.115.159:26402: remote error: tls: unknown certificate"
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="http: TLS handshake error from 80.187.115.216:46114: remote error: tls: unknown certificate"
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="Serving default certificate for request: \"activesync.DOMAIN.de\""
reverse-proxy_1 | time="2021-06-04T14:43:49+02:00" level=debug msg="http: TLS handshake error from 93.209.214.119:42742: remote error: tls: unknown certificate"
Without Termination delay - I get the certificate from our Exchange-Server
WITH the delay I get the default traefik-cert which is not trusted.
jbd
June 4, 2021, 2:20pm
4
Could you provide a minimal reproducible case?