Cannot enable HTTPS

Hello ,
a few days ago I changed my domain name. Before everything worked perfectly, but after the change of domain, everything was broken and more access to the web pages of my server. I put my nose in the files to understand and looked at all the solutions on the net. I cannot find my error.
Here are the traefik.toml and docker compose proxy files.
Can you help me ? I carried out the test that you offer in one of the subject. the advertised error is no return with port 80. Not speaking English well I am afraid of not understanding everything well. Thank you for the attention you have given to my problem.

version: ‘2’

services:

###########

Traefik

###########
traefik:
image: traefik:v1.7
container_name: traefik
restart: unless-stopped
hostname: traefik
labels:
- traefik.enable=true
- traefik.frontend.rule=Host:traefik.vanaheim.fr
- traefik.port=8080
- traefik.docker.network=traefik-proxy
- traefik.frontend.auth.basic.users=madameko:$$2y$$10$$ww.cf5Ii6CQZAlwEv.av6.4Az5qOYPFuda0Rn1KgMB08gHHya$
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./docker/files/traefik.toml:/traefik.toml:ro
- ./docker/files:/etc/traefik/acme:rw
- ./files/certs:/certs
ports:
- “443:443”
expose:
- “8080”
networks:
- traefik-proxy
volumes:
files:
driver: local

networks:
traefik-proxy:
external:
name: traefik-proxy

debug = true
defaultEntryPoints = [“https”]
InsecureSkipVerify = true
Dashboard = true

[api]
entryPoint = “traefik”
address = “:8080”

Entrypoints, http and https

[entryPoints]
[entryPoints.http]
address = “:80”
[entryPoints.http.redirect]
entryPoint = “https” # https is the default
[entryPoints.https]
address = “:443”
[entryPoints.https.tls]

Enable ACME (Let’s Encrypt): automatic SSL

[acme]
caServer = “https://acme-v02.api.letsencrypt.org/directory
email = “email@email.fr
storage = “acme.json” # or "traefik/acme/accou$
entryPoint = “https”
onDemand = true
OnHostRule = true
[docker]
endpoint = “unix:///var/run/docker.sock”
domain = “vanaheim.fr
watch = true
exposedbydefault = false

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: vanaheim.fr

I ran this command: Docker compose with traefik

It produced this output: ERR_SSL_PROTOCOL_ERROR

My web server is (include version): Ubuntu server + Docker

The operating system my web server runs on is (include version): Ubuntu LTS 18.04

My hosting provider, if applicable, is: IONOS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Docker Portainer

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Traefik

1 Like

You’ve got a very strange TLS configuration. See https://www.ssllabs.com/ssltest/analyze.html?d=vanaheim.fr (click on the link to ignore the certificate mismatch to see the results if required).

Only TLS1.0 is enabled, which is bad. At least TLS 1.1 and TLS 1.2 should be enabled. But even with TLS 1.0, it couldn’t connect to your server?

I’m afraid my Traefik knowledge is non-existent, so I can’t help you further. Perhaps someone else can.

1 Like

Here are the changes I made today

version: ‘2’

services:
traefik:
restart: unless-stopped
image: traefik
container_name: 01-Proxy_traefi
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./files/traefik.toml:/traefik.toml
- ./files/acme:/etc/traefik/acme
- ./files/certs:/certs
ports:
- “80:80”
- “443:443”
- “8080:8080”
networks:
- traefik-proxy

volumes:
files:
driver: local

networks:
traefik-proxy:
external:
name: traefik-proxy



and the file traefik.toml
> 
> debug = true
> 
> defaultEntryPoints = ["http", "https"]   # defaultEntryPoints must be at the top because it should not be in any table below
> 
> [web]
>   # Port for the status page
>   address = ":8080"
>   #[web.auth.basic]
>   #  users = ["traefik:generate-with-htpasswd"]
> 
> # Entrypoints, http and https
> [entryPoints]
>   [entryPoints.http]                                                                       # http should be redirected to https
>     address = ":80"
>     [entryPoints.http.redirect]
>       entryPoint = "https"                                                               # https is the default
>   [entryPoints.https]
>     address = ":443"
>     [entryPoints.https.tls]
> 
> # Enable ACME (Let's Encrypt): automatic SSL
> [acme]
>   # caServer = "https://acme-staging.api.letsencrypt.org/directory"
>   email = "madameKO@protonmail.com"
>   storage = "acme.json"                                                               # or "traefik/acme/account" if using KV store
>   entryPoint = "https"
>   onDemand = false
>   OnHostRule = true
> 
> [docker]
>   endpoint = "unix:///var/run/docker.sock"
>   domain = "vanaheim.fr"
>   watch = true
>   exposedbydefault = false    



always the same problematic, I don't see where there is a problem


EDIT : 
I just saw that there was an incompatibility with ubuntu bionic .. Is this a problem?

**'' The repository 'https://download.docker.com/linux/debian bionic Release' does not have a Release file. ''**

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.