Website "Not Secure" after upgrade from 2.2.8 to 2.3.1

Traefik Traefik v2 (latest)
1

I've had a Traefik docker setup humming along on my local machine for a few months now and decided to upgrade to 2.3.1 from 2.2.8. I simply swapped in the new image via the docker compose yml, and now the default Traefik cert is being used, resulting in a "connection not private" message in Chrome.

I've been referencing the cert file from my static start-up yml like this...

log:
   level: DEBUG

api:
   dashboard: true

entryPoints:
   web:
      address: ":80"
      http:
         redirections:
            entryPoint:
               to: websecure
               scheme: https
   websecure:
      address: ":443"

providers:
   docker:
      endpoint: "unix:///var/run/docker.sock"
      exposedByDefault: false

# ---[ DEV ONLY ]--- #
   file:
      filename: /etc/traefik/ssl/certs.yml
      watch: true
# ---[ DEV ONLY ]--- #

...and my certs.yml looks like this...

tls:
   stores:
      defaultCertificate:
         certFile: /etc/traefik/ssl/all.localhost.crt
         keyFile: /etc/traefik/ssl/all.localhost.key
   certificates:
      -  certFile: /etc/traefik/ssl/all.localhost.crt
         keyFile: /etc/traefik/ssl/all.localhost.key
         stores:
            - default

Anyone know why this broke and how to remedy?

2

The defaultCertificate should be nested under a store. Why it works in 2.2.8 I don't know, it shouldn't.

tls:
  stores:
    default:
      defaultCertificate:
        certFile: /etc/traefik/ssl/all.localhost.crt
        keyFile: /etc/traefik/ssl/all.localhost.key
  certificates:
    -  certFile: /etc/traefik/ssl/all.localhost.crt
       keyFile: /etc/traefik/ssl/all.localhost.key
       stores:
         - default
3

Holy mother bear! You da man!
:+1:

I guess some changes were made to the parser or something. I just don't understand why computers have to be so strict. :smirk:

1 Like
4

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.