2

The configuration below worked fine until I moved the location of the docker-compose.yml file. Now I got the invalid certificate message in the browser "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store." for the self-signed certificate. Not sure what is causing the problem.

services:
  traefik:
    image: "traefik:v2.0.2"
    container_name: "traefik"
    command:
      - "--entrypoints.web.address=:80"
      - "--entryPoints.websecure.address=:443"
      - "--api"
      - "--providers.docker"
      - "--certificatesResolvers.le-resolver.acme.email=test@nodomain.com"
      - "--certificatesResolvers.le-resolver.acme.storage=acme.json"
      - "--certificatesResolvers.le-resolver.acme.httpChallenge.entryPoint=web"
    labels:
      # global redirect to https
      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./data/acme.json:/acme.json"
user1916077
  • 431
  • 1
  • 7
  • 18
  • 1
    Do you have self-signed certificates (usually for dev use cases) or do you want certs from lets encrypt? One of the tags on question is self-signed-certificate but the docker-compose.yml is trying to use lets encrypt (default option for traefik) to get certificates for you. Hence my question. – Phani Kandula May 15 '20 at 14:18
  • I think you are right, I am not using self-signed certificate. It is the Traefik Default Cert. Which I do not get is why it is invalid. – user1916077 May 15 '20 at 15:01
  • 1
    @user1916077 did you find a way to use the Traefik Default Cert? – Jose Daniel Feb 10 '21 at 16:44

0 Answers0