Traefik can't find my own certificate SSL

Traefik Traefik v2
1

Hello,

I don't know why my Traefik can't find my own certificate... I have try a lot things but without success... All time I have the default certificate auto generate of Traefik...

If I delete the files chains.yml and middlewares.yml, Traefik can find my certificate.../

When I did a docker-compose log -f

traefik    | time="2022-07-06T12:19:55+02:00" level=debug msg="Serving default certificate for request: \"my.domain.fr\""
traefik    | time="2022-07-06T12:19:55+02:00" level=debug msg="http: TLS handshake error from XXX.XXX.XXX.XXX:59130: remote error: tls: unknown certificate"

My docker-compose.yml :

version: '3.3'

services:
  traefik:
    image: traefik:latest
    container_name: "traefik"
    networks:
      - traefik
    ports:
      - "80:80"
      - "443:443"
      # (Optional) Expose Dashboard
      - "8080:8080"  # Don't do this in production!
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./traefik/traefik.yml:/traefik.yml:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik/rules:/rules:ro
      - ./traefik/certs:/certs:ro
      - /var/log/traefik:/var/log/traefik:rw
    environment:
      - TZ=${TZ}
    labels:
      - traefik.enable=true
      - traefik.http.services.traefik.loadbalancer.server.port=8080
    restart: unless-stopped
    read_only: true

networks:
  traefik:
    external: true

certs.yml

tls:
  certificates:
    - certFile: /certs/my.domain.fr.pem
      keyFile: /certs/my.domain.fr.key

chains.yml

http:
  middlewares:
    chain-secure:
      chain:
        middlewares:
          - middlewares-secure-headers
          - test-compress

traefik.yml

global:
  checkNewVersion: true
  sendAnonymousUsage: false  # true by default

# (Optional) Log information
# ---
log:
 level: DEBUG  # DEBUG, INFO, WARNING, ERROR, CRITICAL
 format: common  # common, json, logfmt

# (Optional) Accesslog
# ---
# accesslog:
  # format: common  # common, json, logfmt
  # filePath: /var/log/traefik/access.log

# (Optional) Enable API and Dashboard
# ---
api:
  dashboard: true  # true by default
  insecure: true

ping:
  manualRouting: true
  terminatingStatuscode: 503

# Entry Points configuration
# ---
entryPoints:
  web:
    address: :80
    # (Optional) Redirect to HTTPS
    # ---
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
          permanent: true
  websecure:
    address: :443

providers:
  docker:
    exposedByDefault: false  # Default is true
    network:
     - traefik
    watch: true
  file:
    directory: "/rules"
    watch: true

my tree

.
├── docker-compose.yml
├── README.md
└── traefik
    ├── certs
    │   ├── sub1.domain.fr.key
    │   ├── sub1.domain.fr.pem
    ├── rules
    │   ├── certs.yml
    │   ├── chains.yml
    │   └── middlewares.yml
    └── traefik.yml

I'm open for your ideas and suggestions :slight_smile: