Wildcard SSL certificate served over normal SSL certificate

ChrisCreate · August 15, 2019, 7:01am

I've got 2 certificates, one for the root domain (example.com) and one for the wildcard subdomains (*.example.com)

Now the wildcard subdomain also supports SSL for the root domain, so traefik serve's the wildcard ssl certificate on the root domain instead of the certificate specific for the root domain

Now I've made an issue on github but maybe someone here can help.

Github link: https://github.com/containous/traefik/issues/5206

daniel.tomcej · August 15, 2019, 2:46pm

Hello @ChrisCreate,

Traefik 1.7 caches certificate responses to improve TLS performance.

In your case, because both your wildcard certificate and your other certificate are both valid, Traefik cannot know which one to choose to serve. It just uses whatever certificate is cached at the time.

If you are required to only serve one certificate for the root domain, I would suggest removing the SAN from your wildcard.

Topic		Replies	Views
Traefik serving default certificate while other certificate assigned Traefik v2 kubernetes-crd	3	2228	March 18, 2021
Multiple certificates in TLSstore Traefik v2 kubernetes-crd	3	3538	June 21, 2024
Wildcard certificates for all subdomains without service Traefik v2 docker , letsencrypt-acme	1	3451	May 3, 2021
Different Wildcard certificate? Traefik v2 docker , letsencrypt-acme	2	425	September 10, 2020
Complete tutorial for wildcard cert support on k8s Traefik v2 kubernetes-crd , letsencrypt-acme	1	425	December 8, 2019

Wildcard SSL certificate served over normal SSL certificate

Related topics