Trafeik refuse 443 port

User1 · January 31, 2024, 7:46pm

Hello I Try to reach or ping 443 port to my ip with telnet it return refuse.

my traefik config like that:

global:
  checkNewVersion: false
  sendAnonymousUsage: false

# # -- (Optional) Change Log Level and Format here...
log:
  level: DEBUG
  format: common
  filePath: /var/log/traefik/traefik.log

# # -- (Optional) Enable Accesslog and change Format here...
accesslog:
  format: common
  filePath: /var/log/traefik/access.log

# -- (Optional) Enable API and Dashboard here, don't do in production
api:
  dashboard: true
  insecure: true

# -- Change EntryPoints here...
entryPoints:
  web:
    address: :80
    # -- (Optional) Redirect all HTTP to HTTPS
    # http:
    #   redirections:
    #     entryPoint:
    #       to: websecure
    #       scheme: https
  websecure:
    address: :443
  # -- (Optional) Add custom Entrypoint
  # custom:
  #   address: :8080

# -- Configure your CertificateResolver here...
# certificatesResolvers:
  # Staging Certificate Resolver for testing purposes
  # staging:
  #   acme:
  #     email: projectseriesbackendfrontend@duck.com
  #     storage: etc/traefik/certs/acme.json
  #     caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      
  #     # -- (Optional) Remove this section when using DNS Challenge
  #     httpChallenge:
  #       entryPoint: web
        
      # -- (Optional) Configure DNS Challenge
      # dnsChallenge:
      #   provider: cloudflare
      #   resolvers:
      #     - "1.1.1.1:53"
      #     - "8.8.8.8:53"

  # Production Certificate Resolver
  # production:
  #   acme:
  #     email: projectseriesbackendfrontend@duck.com
  #     storage: etc/traefik/certs/acme.json
  #     caServer: "https://acme-v02.api.letsencrypt.org/directory"
       
  #     # -- (Optional) Remove this section when using DNS Challenge
  #     httpChallenge:
  #       entryPoint: web
        
      # -- (Optional) Configure DNS Challenge
      # dnsChallenge:
      #   provider: cloudflare
      #   resolvers:
      #     - "1.1.1.1:53"
      #     - "8.8.8.8:53"

# -- (Optional) Disable TLS Cert verification check
serversTransport:
  insecureSkipVerify: true

# -- (Optional) Overwrite Default Certificates
# tls:
#   stores:
#     default:
#       defaultCertificate:
#         certFile: /etc/traefik/certs/cert.pem
#         keyFile: /etc/traefik/certs/cert-key.pem
# -- (Optional) Disable TLS version 1.0 and 1.1
#   options:
#     default:
#       minVersion: VersionTLS12

providers:
  docker:
    # -- (Optional) Enable this, if you want to expose all containers automatically
    exposedByDefault: false
    
  file:
    directory: /etc/traefik
    watch: true


metrics:
  prometheus:
    entryPoint: web

When traefik opened

root@Ubuntu2204-Safe:~# telnet localhost 443
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
root@Ubuntu2204-Safe:~# telnet 163.**.**.19 443
Trying 163.**.**.19...
telnet: Unable to connect to remote host: Connection refused
root@Ubuntu2204-Safe:~#

my trafeik docker compose yml like that

version: "3.3"

services:

  traefik:
    image: "traefik:v2.10"
    container_name: "traefik"
    command:
      - --api=true
      - --api.dashboard=true
      - --api.insecure=true
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      # - --log.level=DEBUG
      - --accesslog=true
      - --entryPoints.web.address=:80
      - --entryPoints.websecure.address=:443
      # - --certificatesresolvers.letsencrypt.acme.httpChallenge=true
      # - --certificatesresolvers.letsencrypt.acme.email=projectseriesbackendfrontend@duck.com
      # - --certificatesResolvers.letsencrypt.acme.storage=/etc/acme/acme.json
      # - --certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=web
    # labels:
      # - "traefik.enable=true"
      # - "traefik.http.routers.api.rule=Host(`host.example.com`)"
      # - "traefik.http.routers.api.service=api@internal"
      # - "traefik.http.routers.api.middlewares=auth"
      # - "traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$RVhbSq/o/Xb/"  
      
    ports:
      - "80:80"
      # - 443:433
      - 443:433
      - "8080:8080"
      # - 3000:3000
    volumes:
       - "/var/run/docker.sock:/var/run/docker.sock"
       - ./config:/etc/traefik
       - ./config/log:/var/log/traefik/
    restart: unless-stopped
    # networks:
    #         - supabase_network_supabase
# networks:
#   supabase_network_supabase:
#     external: true

my acces logs like that but it works only 80 port

176.40.243.37 - - [31/Jan/2024:19:28:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 14 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:29:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 15 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:30:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 16 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:31:45 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 17 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:33:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 1 "api@internal" "-" 1ms
176.40.243.37 - - [31/Jan/2024:19:34:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 2 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:35:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 3 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:36:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 4 "api@internal" "-" 0ms
176.40.243.37 - - [31/Jan/2024:19:37:44 +0000] "GET /api/overview HTTP/1.1" 200 502 "-" "-" 5 "api@internal" "-" 0ms

my allowed ports like that

root@Ubuntu2204-Safe:~# sudo netstat -tulpn | grep LISTEN
tcp        0      0 0.0.0.0:7070            0.0.0.0:*               LISTEN      737/anydesk         
tcp        0      0 127.0.0.1:45823         0.0.0.0:*               LISTEN      4325/code-8b3775030 
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      18986/docker-proxy  
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      768/sshd: /usr/sbin 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      19028/docker-proxy  
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      19006/docker-proxy  
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      702/systemd-resolve 
tcp        0      0 127.0.0.1:33527         0.0.0.0:*               LISTEN      3684/node           
tcp        0      0 0.0.0.0:9000            0.0.0.0:*               LISTEN      17835/docker-proxy  
tcp6       0      0 :::8080                 :::*                    LISTEN      18993/docker-proxy  
tcp6       0      0 ::1:3350                :::*                    LISTEN      2886/xrdp-sesman    
tcp6       0      0 :::3389                 :::*                    LISTEN      2896/xrdp           
tcp6       0      0 :::22                   :::*                    LISTEN      768/sshd: /usr/sbin 
tcp6       0      0 :::80                   :::*                    LISTEN      19034/docker-proxy  
tcp6       0      0 :::443                  :::*                    LISTEN      19014/docker-proxy  
tcp6       0      0 :::9000                 :::*                    LISTEN      17843/docker-proxy  
root@Ubuntu2204-Safe:~#

my firewall like that

root@Ubuntu2204-Safe:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
3389/tcp                   ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
OpenSSH                    ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
3389/tcp (v6)              ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)             
OpenSSH (v6)               ALLOW       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)             

root@Ubuntu2204-Safe:~#

and my test compose like that


version: '3'
services:
    front:
        image: strm/helloworld-http
        container_name: load-balancer
        networks:
            - traefik_default
        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.grafana.rule=Host(`test.foobla.com`)"
            - traefik.http.routers.grafana.service=grafana
            - "traefik.http.routers.grafana.entrypoints=websecure"
            - "traefik.http.services.grafana.loadbalancer.server.port=80"
            # - "traefik.http.routers.grafana.middlewares=auth"
            # - "traefik.http.routers.grafana.tls=true"
            # - "traefik.http.routers.grafana.tls.certresolver=staging"  
            # - "traefik.http.middlewares.auth.basicauth.users=admin:$$2y$$10$$HfP4B44ou9.w0w/3/Jk6O.fds4CfhMfUCYKsgKFvCBK"  # Replace with your generated htpasswd
            # - "traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$RVhbOtar$$kp1/Smn/hu.IxxSq/o/Xb/"  # Replace with your generated htpasswd
    
networks:
  traefik_default:
    external: true

I try every idea to came my head but I couldnt opened.
So How I can open 443 port to wan side ?
any idea?

Edit: I installed apache2 and 443 port works. but trafeik not.

bluepuma77 · January 31, 2024, 8:52pm

You can only have one static Traefik config, either use traefik.yml or command:, decide for one.

You run this on a public cloud server or at home? Make sure there is no router or firewall in between with the port locked down.

User1 · January 31, 2024, 9:00pm

Im sure right now my VNC server ISP is not blocking 443 port.
Sorry for double config use I try every attemp but right now Im sure problem coming from traefik or docker.

bluepuma77 · January 31, 2024, 9:07pm

Run a simpler container and check if connectivity works on the ports:

docker run --rm -p 80:80 -p 443:80 traefik/whoami

User1 · January 31, 2024, 9:18pm

It works 443 port

now what is next step ?

bluepuma77 · January 31, 2024, 9:44pm

Not sure. This indicates that port 443 is not blocked by anything and that docker can open the firewall for the port. So if Traefik is not using it, either the compose ports is not right or Traefik is not opening an entrypoint.

User1 · January 31, 2024, 9:57pm

Okay I will answer tomorrow.

User1 · February 1, 2024, 7:42am

Okay I clear my config.

my docker compose

version: "3.3"

services:

  traefik:
    image: "traefik:v2.10"
    container_name: "traefik"   
    ports:
      - "80:80"
      - "443:433"
      - "8080:8080"
      
    volumes:
       - "/var/run/docker.sock:/var/run/docker.sock"
       - ./config:/etc/traefik
       - ./config/log:/var/log/traefik/
    restart: unless-stopped
  front:
      image: strm/helloworld-http
      container_name: load-balancer
      depends_on:
        - traefik
      networks:
            - traefik_default
      labels:
            - "traefik.enable=true"
            - "traefik.http.routers.grafana.rule=Host(`test.***.com`)"
            - traefik.http.routers.grafana.service=grafana
            - "traefik.http.routers.grafana.entrypoints=websecure"
            - "traefik.http.services.grafana.loadbalancer.server.port=80"
            - "traefik.http.routers.grafana.tls=true"
            - "traefik.http.routers.grafana.tls.certresolver=staging"  
          
networks:
  traefik_default:
    external: true

my config yaml like that:

global:
  checkNewVersion: false
  sendAnonymousUsage: false

# # -- (Optional) Change Log Level and Format here...
log:
  level: DEBUG
  format: common
  filePath: /var/log/traefik/traefik.log

# # -- (Optional) Enable Accesslog and change Format here...
accesslog:
  format: common
  filePath: /var/log/traefik/access.log

# # -- (Optional) Enable API and Dashboard here, don't do in production
api:
  dashboard: true
  insecure: true

# # -- Change EntryPoints here...
entryPoints:
  web:
    address: :80
  
  websecure:
    address: :443


# # -- Configure your CertificateResolver here...
certificatesResolvers:
  # Staging Certificate Resolver for testing purposes
  staging:
    acme:
      email: projectseriesbackendfrontend@duck.com
      storage: etc/traefik/certs/acme.json
      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      
      # -- (Optional) Remove this section when using DNS Challenge
      httpChallenge:
        entryPoint: web
# -- (Optional) Disable TLS Cert verification check
serversTransport:
  insecureSkipVerify: true


providers:
  docker:
    # -- (Optional) Enable this, if you want to expose all containers automatically
    exposedByDefault: false
    
  file:
    directory: /etc/traefik
    watch: true


metrics:
  prometheus:
    entryPoint: web

So still not working 443 port

I take this errors:

time="2024-02-01T07:48:10Z" level=error msg="HTTP challenge is not enabled" entryPointName=web routerName=acme-http@internal
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" entryPointName=web middlewareType=Recovery middlewareName=traefik-internal-recovery
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=web
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" middlewareType=Metrics entryPointName=traefik middlewareName=metrics-entrypoint
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" entryPointName=websecure serviceName=grafana middlewareType=Pipelining middlewareName=pipelining routerName=grafana@docker
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" entryPointName=websecure serviceName=grafana routerName=grafana@docker middlewareName=metrics-service middlewareType=Metrics
time="2024-02-01T07:48:10Z" level=debug msg="Creating load-balancer" routerName=grafana@docker entryPointName=websecure serviceName=grafana
time="2024-02-01T07:48:10Z" level=debug msg="Creating server 0 http://172.18.0.3:80" serviceName=grafana serverName=0 routerName=grafana@docker entryPointName=websecure
time="2024-02-01T07:48:10Z" level=debug msg="child http://172.18.0.3:80 now UP"
time="2024-02-01T07:48:10Z" level=debug msg="Propagating new UP status"
time="2024-02-01T07:48:10Z" level=debug msg="Added outgoing tracing middleware grafana" middlewareType=TracingForwarder entryPointName=websecure routerName=grafana@docker middlewareName=tracing
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareType=Recovery middlewareName=traefik-internal-recovery
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" middlewareType=Metrics middlewareName=metrics-entrypoint entryPointName=web
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=websecure
time="2024-02-01T07:48:10Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=metrics-entrypoint middlewareType=Metrics
time="2024-02-01T07:48:10Z" level=debug msg="Adding route for grafana.**.com with TLS options default" entryPointName=websecure
time="2024-02-01T07:48:10Z" level=error msg="the router grafana@docker uses a non-existent resolver: staging"

./config is /root/.config here for this reason maybe permission denied and certificate not created?
But if certified not created still needs to open https:// with no trusted page but right know directly refuse 443 port.

bluepuma77 · February 1, 2024, 8:23am

Use absolute path, add leading /:

Not sure what’s wrong. On one side it seems to not load the traefik.yml because of the errors "missing", on the other side it mentions metrics, which it does not by default.

Are you sure you have the file bind-mounted correctly? Check content inside Traefik container. And the log is the correct one from the current instance, which logs into a file inside the container?

You could try simple Traefik example. And check open ports with and without Traefik running (netstat -tulpn).

User1 · February 1, 2024, 8:35am

I deleted the cert storage property on dynamic conf now created automatically somewhere but gives another error.


time="2024-02-01T08:25:30Z" level=debug msg="Skipping unchanged configuration." providerName=file

time="2024-02-01T08:25:46Z" level=info msg="Traefik version 2.10.7 built on 2023-12-06T15:54:59Z"

time="2024-02-01T08:25:46Z" level=debug msg="Static configuration loaded {\"global\":{},\"serversTransport\":{\"insecureSkipVerify\":true,\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":\"10s\"},\"respondingTimeouts\":{\"idleTimeout\":\"3m0s\"}},\"forwardedHeaders\":{},\"http\":{},\"http2\":{\"maxConcurrentStreams\":250},\"udp\":{\"timeout\":\"3s\"}}},\"providers\":{\"providersThrottleDuration\":\"2s\",\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":\"15s\"},\"file\":{\"directory\":\"/etc/traefik\",\"watch\":true}},\"api\":{\"insecure\":true,\"dashboard\":true},\"metrics\":{\"prometheus\":{\"buckets\":[0.1,0.3,1.2,5],\"addEntryPointsLabels\":true,\"addServicesLabels\":true,\"entryPoint\":\"web\"}},\"log\":{\"level\":\"DEBUG\",\"filePath\":\"/var/log/traefik/traefik.log\",\"format\":\"common\"},\"accessLog\":{\"filePath\":\"/var/log/traefik/access.log\",\"format\":\"common\",\"filters\":{},\"fields\":{\"defaultMode\":\"keep\",\"headers\":{\"defaultMode\":\"drop\"}}},\"certificatesResolvers\":{\"staging\":{\"acme\":{\"email\":\"projectseriesbackendfrontend@duck.com\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"acme.json\",\"keyType\":\"RSA4096\",\"certificatesDuration\":2160,\"httpChallenge\":{\"entryPoint\":\"web\"}}}}}"

time="2024-02-01T08:25:46Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"

time="2024-02-01T08:25:46Z" level=debug msg="Configured Prometheus metrics" metricsProviderName=prometheus

time="2024-02-01T08:25:46Z" level=info msg="Starting provider aggregator aggregator.ProviderAggregator"

time="2024-02-01T08:25:46Z" level=debug msg="Starting TCP Server" entryPointName=websecure

time="2024-02-01T08:25:46Z" level=debug msg="Starting TCP Server" entryPointName=traefik

time="2024-02-01T08:25:46Z" level=debug msg="Starting TCP Server" entryPointName=web

time="2024-02-01T08:25:46Z" level=info msg="Starting provider *file.Provider"

time="2024-02-01T08:25:46Z" level=debug msg="*file.Provider provider configuration: {\"directory\":\"/etc/traefik\",\"watch\":true}"

time="2024-02-01T08:25:46Z" level=info msg="Starting provider *traefik.Provider"

time="2024-02-01T08:25:46Z" level=debug msg="*traefik.Provider provider configuration: {}"

time="2024-02-01T08:25:46Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"

time="2024-02-01T08:25:46Z" level=debug msg="*acme.ChallengeTLSALPN provider configuration: {}"

time="2024-02-01T08:25:46Z" level=info msg="Starting provider *docker.Provider"

time="2024-02-01T08:25:46Z" level=debug msg="*docker.Provider provider configuration: {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":\"15s\"}"

time="2024-02-01T08:25:46Z" level=info msg="Starting provider *acme.Provider"

time="2024-02-01T08:25:46Z" level=debug msg="*acme.Provider provider configuration: {\"email\":\"projectseriesbackendfrontend@duck.com\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"acme.json\",\"keyType\":\"RSA4096\",\"certificatesDuration\":2160,\"httpChallenge\":{\"entryPoint\":\"web\"},\"ResolverName\":\"staging\",\"store\":{},\"TLSChallengeProvider\":{},\"HTTPChallengeProvider\":{}}"

time="2024-02-01T08:25:46Z" level=debug msg="Attempt to renew certificates \"720h0m0s\" before expiry and check every \"24h0m0s\"" ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme

time="2024-02-01T08:25:46Z" level=info msg="Testing certificate renew..." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme

time="2024-02-01T08:25:46Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"acme-http\":{\"entryPoints\":[\"web\"],\"service\":\"acme-http@internal\",\"rule\":\"PathPrefix(`/.well-known/acme-challenge/`)\",\"priority\":2147483647},\"api\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/api`)\",\"priority\":2147483646},\"dashboard\":{\"entryPoints\":[\"traefik\"],\"middlewares\":[\"dashboard_redirect@internal\",\"dashboard_stripprefix@internal\"],\"service\":\"dashboard@internal\",\"rule\":\"PathPrefix(`/`)\",\"priority\":2147483645},\"prometheus\":{\"entryPoints\":[\"web\"],\"service\":\"prometheus@internal\",\"rule\":\"PathPrefix(`/metrics`)\",\"priority\":2147483647}},\"services\":{\"acme-http\":{},\"api\":{},\"dashboard\":{},\"noop\":{},\"prometheus\":{}},\"middlewares\":{\"dashboard_redirect\":{\"redirectRegex\":{\"regex\":\"^(http:\\\\/\\\\/(\\\\[[\\\\w:.]+\\\\]|[\\\\w\\\\._-]+)(:\\\\d+)?)\\\\/$\",\"replacement\":\"${1}/dashboard/\",\"permanent\":true}},\"dashboard_stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/dashboard/\",\"/dashboard\"]}}},\"serversTransports\":{\"default\":{\"insecureSkipVerify\":true,\"maxIdleConnsPerHost\":200}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=internal

time="2024-02-01T08:25:46Z" level=debug msg="Configuration received: {\"http\":{},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=file

time="2024-02-01T08:25:46Z" level=debug msg="Configuration received: {\"http\":{},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=staging.acme

time="2024-02-01T08:25:46Z" level=debug msg="Provider connection established with docker 25.0.1 (API 1.44)" providerName=docker

time="2024-02-01T08:25:46Z" level=debug msg="Filtering disabled container" container=traefik-traefik-485184ed3bf1aaba9b60b979799cad5240056c136eee1cf553e9fedf3d94ab99 providerName=docker

time="2024-02-01T08:25:46Z" level=debug msg="Configuration received: {\"http\":{},\"tcp\":{},\"udp\":{}}" providerName=docker

time="2024-02-01T08:25:47Z" level=debug msg="Provider event received {Status:start ID:b06045561010c3e566aa18055cb895d9524aaec451eb73729d8e0d5f715473fb From:strm/helloworld-http Type:container Action:start Actor:{ID:b06045561010c3e566aa18055cb895d9524aaec451eb73729d8e0d5f715473fb Attributes:map[com.docker.compose.config-hash:452b118257b1293ee53477a8dc9909c97822268312506554c02f4f767bafc8dc com.docker.compose.container-number:1 com.docker.compose.depends_on:traefik:service_started:false com.docker.compose.image:sha256:29acbf1818de95b67ebdcc9641799e4c78a1de6509ee2a6f32e05ef8e3eb6e79 com.docker.compose.oneoff:False com.docker.compose.project:traefik com.docker.compose.project.config_files:/root/traefik/docker-compose.yml com.docker.compose.project.working_dir:/root/traefik com.docker.compose.service:front com.docker.compose.version:2.24.2 image:strm/helloworld-http maintainer:opsxcq@strm.sh name:load-balancer traefik.enable:true traefik.http.routers.grafana.entrypoints:websecure traefik.http.routers.grafana.rule:Host(`grafana.**.com`) traefik.http.routers.grafana.service:grafana traefik.http.routers.grafana.tls:true traefik.http.routers.grafana.tls.certresolver:staging traefik.http.services.grafana.loadbalancer.server.port:80]} Scope:local Time:1706775947 TimeNano:1706775947001531778}" providerName=docker

time="2024-02-01T08:25:47Z" level=debug msg="Filtering disabled container" providerName=docker container=traefik-traefik-485184ed3bf1aaba9b60b979799cad5240056c136eee1cf553e9fedf3d94ab99

time="2024-02-01T08:25:47Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware prometheus@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=web routerName=prometheus@internal

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware acme-http@internal" entryPointName=web routerName=acme-http@internal middlewareName=tracing middlewareType=TracingForwarder

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=web middlewareName=traefik-internal-recovery

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" entryPointName=traefik routerName=dashboard@internal middlewareName=tracing middlewareType=TracingForwarder

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareType=StripPrefix entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal

time="2024-02-01T08:25:47Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_stripprefix@internal entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex

time="2024-02-01T08:25:47Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex

time="2024-02-01T08:25:47Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal middlewareName=dashboard_redirect@internal entryPointName=traefik

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery entryPointName=traefik middlewareType=Recovery

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint entryPointName=websecure middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=traefik

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:25:47Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_stripprefix@internal entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex

time="2024-02-01T08:25:47Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik

time="2024-02-01T08:25:47Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware prometheus@internal" middlewareType=TracingForwarder entryPointName=web routerName=prometheus@internal middlewareName=tracing

time="2024-02-01T08:25:47Z" level=debug msg="Added outgoing tracing middleware acme-http@internal" middlewareType=TracingForwarder entryPointName=web routerName=acme-http@internal middlewareName=tracing

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=traefik

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=web

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=traefik

time="2024-02-01T08:25:47Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=web

time="2024-02-01T08:25:48Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"grafana\":{\"entryPoints\":[\"websecure\"],\"service\":\"grafana\",\"rule\":\"Host(`grafana.**.com`)\",\"tls\":{\"certResolver\":\"staging\"}}},\"services\":{\"grafana\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.21.0.3:80\"}],\"passHostHeader\":true}}}},\"tcp\":{},\"udp\":{}}" providerName=docker

time="2024-02-01T08:25:49Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default

time="2024-02-01T08:25:49Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" entryPointName=traefik routerName=dashboard@internal middlewareName=tracing middlewareType=TracingForwarder

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" routerName=dashboard@internal entryPointName=traefik middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix

time="2024-02-01T08:25:49Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal

time="2024-02-01T08:25:49Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal middlewareType=RedirectRegex

time="2024-02-01T08:25:49Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal middlewareName=dashboard_redirect@internal entryPointName=traefik

time="2024-02-01T08:25:49Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal middlewareName=tracing

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:25:49Z" level=debug msg="Added outgoing tracing middleware prometheus@internal" entryPointName=web routerName=prometheus@internal middlewareName=tracing middlewareType=TracingForwarder

time="2024-02-01T08:25:49Z" level=debug msg="Added outgoing tracing middleware acme-http@internal" routerName=acme-http@internal middlewareType=TracingForwarder middlewareName=tracing entryPointName=web

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" middlewareType=Metrics entryPointName=websecure middlewareName=metrics-entrypoint

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" middlewareType=Metrics entryPointName=traefik middlewareName=metrics-entrypoint

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=web

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" middlewareName=pipelining entryPointName=websecure routerName=grafana@docker serviceName=grafana middlewareType=Pipelining

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" routerName=grafana@docker middlewareName=metrics-service middlewareType=Metrics serviceName=grafana entryPointName=websecure

time="2024-02-01T08:25:49Z" level=debug msg="Creating load-balancer" entryPointName=websecure routerName=grafana@docker serviceName=grafana

time="2024-02-01T08:25:49Z" level=debug msg="Creating server 0 http://172.21.0.3:80" entryPointName=websecure routerName=grafana@docker serviceName=grafana serverName=0

time="2024-02-01T08:25:49Z" level=debug msg="child http://172.21.0.3:80 now UP"

time="2024-02-01T08:25:49Z" level=debug msg="Propagating new UP status"

time="2024-02-01T08:25:49Z" level=debug msg="Added outgoing tracing middleware grafana" routerName=grafana@docker entryPointName=websecure middlewareName=tracing middlewareType=TracingForwarder

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=websecure

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:49Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:25:49Z" level=debug msg="Adding route for grafana.**.com with TLS options default" entryPointName=websecure

time="2024-02-01T08:25:49Z" level=debug msg="Trying to challenge certificate for domain [grafana.**.com] found in HostSNI rule" providerName=staging.acme routerName=grafana@docker rule="Host(`grafana.**.com`)" ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory"

time="2024-02-01T08:25:49Z" level=debug msg="Looking for provided certificate(s) to validate [\"grafana.**.com\"]..." rule="Host(`grafana.**.com`)" ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme routerName=grafana@docker

time="2024-02-01T08:25:49Z" level=debug msg="Domains [\"grafana.**.com\"] need ACME certificates generation for domains \"grafana.**.com\"." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme routerName=grafana@docker rule="Host(`grafana.**.com`)"

time="2024-02-01T08:25:49Z" level=debug msg="Loading ACME certificates [grafana.**.com]..." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme routerName=grafana@docker rule="Host(`grafana.**.com`)"

time="2024-02-01T08:25:49Z" level=debug msg="Building ACME client..." providerName=staging.acme

time="2024-02-01T08:25:49Z" level=debug msg="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme

time="2024-02-01T08:25:49Z" level=debug msg="Using HTTP Challenge provider." providerName=staging.acme

time="2024-02-01T08:25:49Z" level=debug msg="legolog: [INFO] [grafana.**.com] acme: Obtaining bundled SAN certificate"

time="2024-02-01T08:25:50Z" level=debug msg="legolog: [INFO] [grafana.**.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10935905084"

time="2024-02-01T08:25:50Z" level=debug msg="legolog: [INFO] [grafana.**.com] acme: Could not find solver for: tls-alpn-01"

time="2024-02-01T08:25:50Z" level=debug msg="legolog: [INFO] [grafana.**.com] acme: use http-01 solver"

time="2024-02-01T08:25:50Z" level=debug msg="legolog: [INFO] [grafana.**.com] acme: Trying to solve HTTP-01"

time="2024-02-01T08:25:50Z" level=debug msg="Unable to split host and port: address grafana.**.com: missing port in address. Fallback to request host." providerName=acme

time="2024-02-01T08:25:50Z" level=debug msg="Retrieving the ACME challenge for grafana.**.com (token \"o57lSAKvnq8obIg13CkBXH8EFWYAd_17pcC3-0WrZWU\")..." providerName=acme

time="2024-02-01T08:25:51Z" level=debug msg="Unable to split host and port: address grafana.**.com: missing port in address. Fallback to request host." providerName=acme

time="2024-02-01T08:25:51Z" level=debug msg="Retrieving the ACME challenge for grafana.**.com (token \"o57lSAKvnq8obIg13CkBXH8EFWYAd_17pcC3-0WrZWU\")..." providerName=acme

time="2024-02-01T08:25:51Z" level=debug msg="Unable to split host and port: address grafana.**.com: missing port in address. Fallback to request host." providerName=acme

time="2024-02-01T08:25:51Z" level=debug msg="Retrieving the ACME challenge for grafana.**.com (token \"o57lSAKvnq8obIg13CkBXH8EFWYAd_17pcC3-0WrZWU\")..." providerName=acme

time="2024-02-01T08:25:57Z" level=debug msg="legolog: [INFO] [grafana.**.com] The server validated our request"

time="2024-02-01T08:25:57Z" level=debug msg="legolog: [INFO] [grafana.**.com] acme: Validations succeeded; requesting certificates"

time="2024-02-01T08:26:00Z" level=debug msg="legolog: [INFO] Wait for certificate [timeout: 30s, interval: 500ms]"

time="2024-02-01T08:26:01Z" level=debug msg="legolog: [INFO] [grafana.**.com] Server responded with a certificate."

time="2024-02-01T08:26:01Z" level=debug msg="Certificates obtained for domains [grafana.**.com]" routerName=grafana@docker rule="Host(`grafana.**.com`)" ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=staging.acme

time="2024-02-01T08:26:01Z" level=debug msg="Configuration received: {\"http\":{},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=staging.acme

time="2024-02-01T08:26:01Z" level=debug msg="Adding certificate for domain(s) grafana.**.com"

time="2024-02-01T08:26:02Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default

time="2024-02-01T08:26:02Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" routerName=dashboard@internal middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" routerName=dashboard@internal entryPointName=traefik middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix

time="2024-02-01T08:26:02Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_stripprefix@internal entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex

time="2024-02-01T08:26:02Z" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik

time="2024-02-01T08:26:02Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal

time="2024-02-01T08:26:02Z" level=debug msg="Added outgoing tracing middleware api@internal" routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:26:02Z" level=debug msg="Added outgoing tracing middleware prometheus@internal" entryPointName=web routerName=prometheus@internal middlewareName=tracing middlewareType=TracingForwarder

time="2024-02-01T08:26:02Z" level=debug msg="Added outgoing tracing middleware acme-http@internal" routerName=acme-http@internal middlewareType=TracingForwarder middlewareName=tracing entryPointName=web

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=traefik

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=web

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" middlewareType=Pipelining serviceName=grafana entryPointName=websecure routerName=grafana@docker middlewareName=pipelining

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=websecure routerName=grafana@docker serviceName=grafana middlewareName=metrics-service middlewareType=Metrics

time="2024-02-01T08:26:02Z" level=debug msg="Creating load-balancer" entryPointName=websecure routerName=grafana@docker serviceName=grafana

time="2024-02-01T08:26:02Z" level=debug msg="Creating server 0 http://172.21.0.3:80" serviceName=grafana entryPointName=websecure serverName=0 routerName=grafana@docker

time="2024-02-01T08:26:02Z" level=debug msg="child http://172.21.0.3:80 now UP"

time="2024-02-01T08:26:02Z" level=debug msg="Propagating new UP status"

time="2024-02-01T08:26:02Z" level=debug msg="Added outgoing tracing middleware grafana" middlewareType=TracingForwarder entryPointName=websecure routerName=grafana@docker middlewareName=tracing

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=traefik-internal-recovery middlewareType=Recovery

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=metrics-entrypoint middlewareType=Metrics

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" middlewareType=Metrics entryPointName=traefik middlewareName=metrics-entrypoint

time="2024-02-01T08:26:02Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=web

time="2024-02-01T08:26:02Z" level=debug msg="Adding route for grafana.**.com with TLS options default" entryPointName=websecure

time="2024-02-01T08:26:02Z" level=debug msg="Trying to challenge certificate for domain [grafana.**.com] found in HostSNI rule" rule="Host(`grafana.**.com`)" providerName=staging.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" routerName=grafana@docker

time="2024-02-01T08:26:02Z" level=debug msg="Looking for provided certificate(s) to validate [\"grafana.**.com\"]..." providerName=staging.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" routerName=grafana@docker rule="Host(`grafana.**.com`)"

time="2024-02-01T08:26:02Z" level=debug msg="No ACME certificate generation required for domains [\"grafana.**.com\"]." routerName=grafana@docker rule="Host(`grafana.**.com`)" providerName=staging.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory"

And as your request:

root@Ubuntu2204-Safe:~/traefik# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      39271/docker-proxy  
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      39309/docker-proxy  
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      5824/sshd: /usr/sbi 
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      39289/docker-proxy  
tcp        0      0 127.0.0.1:39525         0.0.0.0:*               LISTEN      29427/node          
tcp        0      0 127.0.0.1:40417         0.0.0.0:*               LISTEN      29936/code-8b377503 
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      5206/systemd-resolv 
tcp6       0      0 :::8080                 :::*                    LISTEN      39277/docker-proxy  
tcp6       0      0 :::80                   :::*                    LISTEN      39316/docker-proxy  
tcp6       0      0 :::22                   :::*                    LISTEN      5824/sshd: /usr/sbi 
tcp6       0      0 :::443                  :::*                    LISTEN      39295/docker-proxy  
udp        0      0 127.0.0.53:53           0.0.0.0:*                           5206/systemd-resolv 
root@Ubuntu2204-Safe:~/traefik#

User1 · February 1, 2024, 8:40am

a simple example is working.
What is differenciate ?

bluepuma77 · February 1, 2024, 8:48am

Maybe you copied something from Windows and there are strange hidden characters in the config. Just add the necessary stuff from your config to the working one, piece by piece.

You must set the TLS storage, or it will be re-created on every container re-creation. Then you might run into LetsEncrypt limits, blocking you for 7 days to create new certs.

User1 · February 1, 2024, 9:02am

Now I get this error

Unable to obtain ACME certificate for domains error="unable to generate a certificate for the domains [traefik-traefik]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"traefik-traefik\": Domain name needs at least one dot"

How certificate re created?

bluepuma77 · February 1, 2024, 10:33am

LetsEncrypt TLS certs can only be issued for real existing domains.

Cannot issue for \"traefik-traefik\": Domain name needs at least one dot"

User1 · February 1, 2024, 10:37am

I handle it. Thank you for your help Sir.

Solution: Change your config like Trafeik Example then edit your properties.

system · February 4, 2024, 10:37am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
No connection/routing on 443 Traefik v2 docker , letsencrypt-acme	5	1786	February 28, 2020
Why does Traefik allow unencrypted HTTP over port 443? Traefik v2 tcp	8	890	July 20, 2023
Problem with Lets Encrypt. ACME Fails Traefik v2 docker , letsencrypt-acme	3	2680	March 11, 2022
How to expose port 53 for traefik/acme-dns Traefik v2 docker , letsencrypt-acme , tcp	0	2867	August 27, 2019
Traefik V2 - No Docker - Router error: Acme challenge is not enabled Traefik v2 letsencrypt-acme	10	2596	December 31, 2021

Trafeik refuse 443 port

Related Topics