Hello,
i use traefik for several docker services running on the same host. For them i use the build in ACME Cert-Resolver for Let's Encrypt.
Now i want to add a mailcow server and get ACME-Certificates for TLS-Connections.
I don't want to publish my mail.domain.com on 443. I only want Traefik to generate the mail.domain.com certificate. Then i plan to use humenius/traefik-certs-dumper to extract the right certificates into mailcow folder.
My Problem is that i could not find out how to configure a router or service with only a dummy server. Or find another way to let traefik generate the certificates.
I cannot use DNS01 Challenge because my DNS-Provider does not have an API 
The only other Thread mentioning this is here: Generate Only Certificates
But he did not explain how to define the service...
Does anyone know how to do that?
Regards
Why not use simple traefik/whoami service/container with the planned domain name to let Traefik generate the cert?
If i use a service/container like that there will be another service exposed to the public. If i can configure traefik in a way that this service would not be reachable that solution would fit for me.
If i have another webserver open in the web all the time, that is not a great solution.
Are there other ideas?
Another option: add mail.domain.com to an existing service in rule=Host (using ||) to let Traefik create a cert for it.
yes that is a good workaround and i will use that...
Thank you for that suggestion.
But i just want to know: Isn't there any native solution to tell traefik to generate an ACME-Request for a domain that has no router/service defined?
Not that I am aware of. Traefik is a reverse proxy.
If you need LE certs, use certbot or the le-go library that Traefik uses.
Ok.
i cannot use certbot because 443 and 80 of my public ip is already DNATed to the host where my traefik-container is running. So no possibility to run an extra certbot.
But i now the answer now so this can be closed.
Thank you for your help!
Regards
Yes, you can.
You can use Traefik with TLSchallenge (or DNSchallence) and certbot with HTTPchallenge at the same time.
Check this post for example certbot behind Traefik.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.