Traefik suddenly started timing out all https requests without any configuration changes.
Certificates don't expire for another month. (Note, I have 600+ domains in my acme.json)
Nothing is blocking the connection. Different clients, on different networks, produce the same result.
http request on client using curl
http request on the same server using curl
$ openssl s_client -connect re.mo.t.e:443
CONNECTED(00000003)
# hangs, nothing further
IP re.mo.t.e.52610 > se.rv.e.r.443: Flags [S], seq 4147214157, win 64240, options [mss 1452,sackOK,TS val 2813386064 ecr 0,nop,wscale 7], length 0
IP se.rv.e.r.71.443 > re.mo.t.e.52610: Flags [S.], seq 2368694230, ack 4147214158, win 65160, options [mss 1460,sackOK,TS val 1376235471 ecr 2813386064,nop,wscale 7], length 0
IP re.mo.t.e.52610 > se.rv.e.r: Flags [.], ack 1, win 502, options [nop,nop,TS val 2813386072 ecr 1376235471], length 0
IP re.mo.t.e.52610 > se.rv.e.r.443: Flags [R.], seq 1, ack 1, win 0, options [nop,nop,TS val 2813386075 ecr 1376235471], length 0
command:
- '--ping=true'
- '--ping.entrypoint=http'
- '--api.dashboard=true'
- '--entrypoints.http.address=:80'
- '--entrypoints.https.address=:443'
- '--entrypoints.http.http.encodequerysemicolons=true'
- '--entryPoints.http.http2.maxConcurrentStreams=250'
- '--entrypoints.https.http.encodequerysemicolons=true'
- '--entryPoints.https.http2.maxConcurrentStreams=250'
- '--entrypoints.https.http3'
- '--providers.file.directory=/traefik/dynamic/'
- '--providers.file.watch=true'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge=true'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http'
- '--certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json'
- '--api.insecure=false'
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--log.level=DEBUG'