0

I'm using Traefik as a reverse proxy to my homelab. I'd like to use HTTPS inside the lab using a custom CA. To do this, I've set up a ServersTransport that trusts my lab CA.

This worked well until a few days ago when a critical service's certificate expired. At that time, Traefik returned a page saying "Internal Server Error" and nothing else, and I had to log in to the proxy server to discover that it was indeed a certificate expiring that caused it.

Is there a way to configure Traefik so that, when there is a TLS error, it would show what the error is? I can't use an Errors middleware because the inner services might return 500 errors as well, and I can't afford to lose access to the bodies of those responses like Errors would.

(I would accept having to switch to a different reverse proxy if it turns out that Traefik can't easily do it. It doesn't seem like many others can do anything like this.)

Danya02
  • 101
  • 1
  • Would using the [Traefik dashboard](https://doc.traefik.io/traefik/operations/dashboard/) be a viable solution? – Ginnungagap May 27 '23 at 06:11
  • @Ginnungagap How does that help? I tried to add a router with a service pointing at https://expired.badssl.com/, and that showed up with a status of "OK" on both. Maybe some kind of metrics needs to be enabled for such errors to show up? – Danya02 May 27 '23 at 17:29
  • You need an associated healthcheck for the service to be marked down. – Ginnungagap May 28 '23 at 08:34

0 Answers0