1

I have written this dynamic config for Apache2 which is hosting my personal website with its own SSL certs.

My personal website is hosted from home and gets picked up via proxy running on the remote server in the private cloud. And this is separate from my home network.

However I can access the IP of the Apache web server and from home directly to navigate to website. And since I have other web apps running locally at home, which I access via Traefik, I want to be able to access my website locally via Traefik routing to local server running Apache2 directly.

For this I have written this dynamic config:

# As YAML Configuration File
tcp:
  routers:
    router-apache2:
      entrypoints:
        - "https"
      rule: "Host(`access.website.com`)"
      service: web-service
      tls:
        passthrough: true

  services:
    web-service:
      loadBalancer:
        servers:
          - url: "http://192.168.1.10:80"

And since I want to continue using my existing certs for my personal website even when I am accessing through Traefik I used passthrough to true as described here: https://doc.traefik.io/traefik/routing/routers/#passthrough , but it is throwing error

{"level":"debug","msg":"Serving default certificate for request: \"access.website.com\"","time":"2022-09-02T12:15:13Z"}
{"level":"debug","msg":"http: TLS handshake error from 192.168.1.35:54474: remote error: tls: bad certificate","time":"2022-09-02T12:15:13Z"}
{"level":"debug","msg":"Serving default certificate for request: \"access.website.com\"","time":"2022-09-02T12:15:13Z"}
{"level":"debug","msg":"http: TLS handshake error from 192.168.1.35:54478: remote error: tls: bad certificate","time":"2022-09-02T12:15:13Z"}
{"level":"debug","msg":"Serving default certificate for request: \"\"","time":"2022-09-02T12:15:20Z"}
{"level":"debug","msg":"Serving default certificate for request: \"\"","time":"2022-09-02T12:15:47Z"}
{"level":"debug","msg":"Serving default certificate for request: \"\"","time":"2022-09-02T12:15:49Z"}
{"level":"debug","msg":"Serving default certificate for request: \"\"","time":"2022-09-02T12:15:49Z"}
{"level":"error","msg":"Error occurred during watcher callback: /config/apache2.yml: field not found, node: passthrough","providerName":"file","time":"2022-09-02T12:16:51Z"}
{"level":"debug","msg":"Serving default certificate for request: \"access.website.com\"","time":"2022-09-02T12:18:41Z"}

I am using Traefik version 2.8.3

halfer
  • 19,824
  • 17
  • 99
  • 186
Ciasto piekarz
  • 7,853
  • 18
  • 101
  • 197
  • Note that we prefer a technical style of writing here. We gently discourage greetings, hope-you-can-helps, thanks, advance thanks, notes of appreciation, regards, kind regards, signatures, please-can-you-helps, chatty material and abbreviated txtspk, pleading, how long you've been stuck, voting advice, meta commentary, etc. Just explain your problem, and show what you've tried, what you expected, and what actually happened. – halfer Sep 03 '22 at 21:45
  • you use tls passthrough but the service runs on "http" not "https". So you forward encrypted traffic to a service that is expecting unencrypted traffic. Do I read it correctly? If you really want to use https locally using the certs just as the server, then maybe you can achieve this by adding `access.website.com 127.0.0.1` to your `/etc/hosts`. However you will need to rememeber to remove this to access the remote server lately – Mihai Sep 04 '22 at 08:03

0 Answers0