Docker-compose with let’s encrypt : HTTP Challenge

    For the HTTP challenge you will need:

    • A publicly accessible host allowing connections on port & 443 with docker & docker-compose installed.
    • A DNS record with the domain you want to expose pointing to this host.
    • Create a docker-compose.yml on your remote server with the following content:
    • Replace [[email protected]](https://doc.traefik.io/cdn-cgi/l/email-protection) by your own email within the certificatesresolvers.myresolver.acme.email command line argument of the traefik service.
    • Replace whoami.example.com by your own domain within the traefik.http.routers.whoami.rule label of the whoami service.

    • Wait a bit and visit https://your_own_domain to confirm everything went fine.

    Note

    You can now safely comment the acme.caserver line, remove the letsencrypt/acme.json file and restart Traefik to issue a valid certificate.

    What changed between the basic example:

    • We configure a second entry point for the HTTPS traffic:
    • We configure the HTTPS let’s encrypt challenge:
    1. command:
    3.   # Tell it to use our predefined entrypoint named "web"
    4.   - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
    5.   # The email to provide to let's encrypt
    6.   - "[email protected].com"
    • We add a volume to store our certificates:
    • We configure the whoami service to tell Traefik to use the certificate resolver named myresolver we just configured:
    1. labels: