Traefik with letsencrypt and self hosted DNS

I'm trying to get Traefik set up for the first time in Docker. I've been searching and trying things for a couple of days. Most "howtos" I find are people using Cloudflare or something like it.

Can anyone point me to some help on how to set up Traefik with a self-hosted DNS?

My understanding is you have to use DNS challenge for wildcard certificates. (?)

How do I create the DNS challenge with self-hosted DNS?

Any guidance is highly appreciated.

Thanks!

You are talking about different things: DNS and TLS/SSL/https.

DNS will resolve a domain name into an IP address. If you are talking about a local DNS, then the domain name can only be resolved internally.

LetsEncrypt creates TLS certs for public domain names; you need to verify with a Traefik certresolver, which won't work with local DNS.

You can manually create your own TLS certs and load them in a Traefik dynamic config file, which needs to be loaded in the static config with providers.file. But your browser client will not trust the cert unless you import it somehow.
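What the file-provider route described above looks like in practice, as an added example that is not part of the original reply: a static configuration that enables `providers.file`, and the dynamic file it points at, which loads a certificate and key that were created outside Traefik. The file paths and the domain name are assumptions; the key names (`tls.certificates`, `tls.stores.default.defaultCertificate`) are Traefik's own.

```yaml
# traefik.yml (static configuration) -- added example, paths are assumptions
entryPoints:
  websecure:
    address: ":443"

providers:
  file:
    # Point the file provider at the dynamic config that carries the certs.
    # "watch: true" makes Traefik reload the file when it changes, so a
    # renewed certificate can be swapped in without a restart.
    filename: /etc/traefik/dynamic/tls.yml
    watch: true

---
# /etc/traefik/dynamic/tls.yml (dynamic configuration) -- added example
tls:
  certificates:
    # One entry per certificate you generated yourself (or obtained elsewhere).
    # Traefik reads the SANs from the cert and serves it for matching hosts.
    - certFile: /etc/traefik/certs/home.example.com.crt
      keyFile: /etc/traefik/certs/home.example.com.key
  stores:
    default:
      # Served when no certificate in the list matches the requested host.
      # Without this Traefik falls back to its own self-signed default cert.
      defaultCertificate:
        certFile: /etc/traefik/certs/home.example.com.crt
        keyFile: /etc/traefik/certs/home.example.com.key
```

The point the reply makes still applies: a certificate issued by your own CA is only trusted by clients that have that CA imported, so this is a fit for internal-only names, not for anything a public browser will reach. Keep the key file readable only by the Traefik process.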

I run my own public domain using my own DNS on bind.

It is not only internal.

Wow, then you can use a simple httpChallenge or tlsChallenge with Traefik LetsEncrypt; you just need to use the standard ports 80 or 443 for Traefik.

dnsChallenge is more complex: it talks to the DNS provider to create a TXT entry. Your DNS software would need to support that. Only really required when using wildcards or more than 50 domains (new per week).
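A concrete configuration for the tlsChallenge path recommended above, as an added example that is not from the original reply or from the Traefik project: the static configuration with both standard entry points, an ACME resolver, and a compose file that exposes ports 80 and 443 and attaches one service to the resolver. The domain name, e-mail address and service name are assumptions. The commented-out resolver shows the dnsChallenge variant for a self-hosted BIND server using the `rfc2136` provider (dynamic updates authenticated with a TSIG key), which is the route needed if a wildcard certificate is required; it assumes BIND has been configured to accept updates for the zone.

```yaml
# traefik.yml (static configuration) -- added example, names are assumptions
entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        # Send all plain-HTTP traffic to HTTPS. Port 80 must still be reachable
        # if you ever switch to httpChallenge; tlsChallenge only needs 443.
        entryPoint:
          to: websecure
          scheme: https
  websecure:
    address: ":443"

providers:
  docker:
    # Only route to containers that opt in with traefik.enable=true.
    exposedByDefault: false

certificatesResolvers:
  letsencrypt:
    acme:
      email: admin@example.com
      # Traefik refuses to start if this file is not mode 0600.
      storage: /letsencrypt/acme.json
      # tlsChallenge: Let's Encrypt connects to port 443 and expects a
      # special ALPN certificate. No DNS API needed, but no wildcards either.
      tlsChallenge: {}
      # Alternative for wildcards with a self-hosted BIND (RFC 2136 dynamic
      # updates). Replace tlsChallenge with this and supply TSIG credentials
      # to the container via RFC2136_NAMESERVER, RFC2136_TSIG_KEY,
      # RFC2136_TSIG_SECRET and RFC2136_TSIG_ALGORITHM.
      # dnsChallenge:
      #   provider: rfc2136

---
# docker-compose.yml -- added example
services:
  traefik:
    image: traefik:v2.10
    command: --configFile=/etc/traefik/traefik.yml
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./traefik.yml:/etc/traefik/traefik.yml:ro
      - ./acme.json:/letsencrypt/acme.json
      # Read-only socket access is still full Docker control; keep this
      # container as locked down as the rest of the host.
      - /var/run/docker.sock:/var/run/docker.sock:ro

  app:
    image: nginx:alpine
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.app.rule=Host(`app.example.com`)"
      - "traefik.http.routers.app.entrypoints=websecure"
      - "traefik.http.routers.app.tls.certresolver=letsencrypt"
      # With the dnsChallenge resolver, request a wildcard instead:
      # - "traefik.http.routers.app.tls.domains[0].main=example.com"
      # - "traefik.http.routers.app.tls.domains[0].sans=*.example.com"
```

Before starting, create the storage file with `touch acme.json && chmod 600 acme.json`; Traefik writes the account key and issued certificates into it, so treat it like a private key. Renewals happen automatically while Traefik runs, which is what makes the per-host certificate approach workable for a handful of sites.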

Sorry, just saw this. I thought I read that DNS Challenge was required for using a wildcard cert with LetsEncrypt. Not like I'm going to have a ton of sites, so I could probably just do an individual cert for each as long as the renewals work as expected.

I did find this document, which I think is what I'm looking for: Traefik Docker TLS Challenge Documentation - Traefik

I'll give this a go.

Appreciate your input.