Traefik v2 certificate NET::ERR_CERT_AUTHORITY_INVALID

I have setup Traefik v2 in EKS and configure certificate resolver with following config

      email = ""
      caServer = ""
      storage = "/etc/traefik/storage/acme.json"
        provider = "route53"
        delayBeforeCheck = 0
        resolvers = ["", ""]

Traefik container were able to get the certificate, which I verified by checking the contents of /etc/traefik/storage/acme.json.

But when I try to open HTTPS dashboard URL I get NET::ERR_CERT_AUTHORITY_INVALID error message in all browsers (Chrome, Safari, Firefox)

Issuer: Untrusted CA
Expires on: Dec 30, 2019
Current date: Oct 1, 2019

This Traefik environment running on AWS eks (v1.3) with traefik:v2.0
I am on Macbook (macOS : 10.13.6) with admin privileges & Chrome (Version 77.0.3865.90)

Hi @rp346

please answer the following questions:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Updated with more details.

Hi @rp346

checking your domain via that's

the expected result.

Your certificate is 90 days "valid"
expires in 90 days	*, - 2 entries

but you use the test system

so your certificate is from

CN=Fake LE Intermediate X1
expires in 6080 days	

That's not a trusted certificate.

Change the caServer to the productive url

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.