Use self-signed certificates with docker/docker-compose

Hello everybody,

actually I am trying out traefik for the first time and I really like it.

I am struggling with a little something: I can not get SSL (self-signed) working.

I created a new docker container for traefik this way (this is a foreman-hash for puppet provisioning):

traefik/traefik:
  image: traefik:latest
  restart: always
  command: "--api.insecure=true --providers.docker --providers.docker.exposedbydefault=false
    --providers.docker.watch=true --entrypoints.http.address=:80 --entrypoints.https.address=:443"
  net:
  - web
  ports:
  - 80:80
  - 443:443
  - 8080:8080
  volumes:
  - "/var/run/docker.sock:/var/run/docker.sock"
  - traefik-certs:/certs
  ensure: present

As you can see, I can not define a toml file - I have to pass all the arguments via command.

I also created a cert for *.example.com:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cert.key -out cert.crt

But now I can not add the tls certs via command - I always get this error:

command traefik error: failed to decode configuration from flags: field not found, node: tls

So my question is: How can I get this working? Actually I can not use LE, too, as I am working in a private network that is not exposed to public and I do not have full control over DNS.

Hello,

the CLI flags (commands) are the definition of the static configuration

The TLS certificates must be defined in the dynamic configuration

The dynamic configuration and the static configuration must be defined in separated files.

To use your certificates: https://docs.traefik.io/v2.1/https/tls/#user-defined

1 Like