@@ -71,15 +71,23 @@ To configure traefik to use let's encrypt, first we need to register a [certific
7171``` toml
7272# static configuration
7373
74- # need an http endpoint, not just https
75- [entrypoints .http ]
74+ # redirect all http requests to https
75+ [entrypoints .httponly ]
7676address = " :80"
77+ [entryPoints .httponly .http .redirections .entryPoint ]
78+ to = " https"
79+ scheme = " https"
7780
78- [certificateResolvers .letsencrypt .acme ]
81+ # configure
82+ [certificatesResolvers .letsencrypt .acme ]
79838084storage = " acme.json" # file where certificates are stored
81- [certificateResolvers .letsencrypt .acme .httpChallenge ]
82- entryPoint = " http"
85+ # use the staging server to test your deployment
86+ # uncomment this when you are ready for production
87+ caServer = " https://acme-staging-v02.api.letsencrypt.org/directory"
88+
89+ # tlsChallenge means you don't need an http endpoint
90+ [certificatesResolvers .letsencrypt .acme .tlsChallenge ]
8391```
8492
8593And in your extra dynamic configuration, specify the domain(s) you want certificates for:
@@ -110,22 +118,19 @@ c.TraefikProxy.extra_static_config = {
110118 " http"
111119 " tls"
112120 " options" " default"
113- }
114- }
121+ },
122+ },
115123 },
116124 },
117- " certificateResolvers "
125+ " certificatesResolvers "
118126 " letsencrypt"
119127 " acme"
120128121129 " storage" " acme.json"
122130 },
123- " httpChallenge"
124- " entryPoint" " https"
125- }
126- }
127-
128- }
131+ " tlsChallenge"
132+ },
133+ },
129134}
130135
131136
@@ -137,10 +142,10 @@ c.TraefikProxy.extra_dynamic_config = {
137142 " resolver" " letsencrypt"
138143 " domain"
139144 " main" " hub.example.com"
140- }
141- }
142- }
143- }
145+ },
146+ },
147+ },
148+ },
144149 },
145150}
146151```
0 commit comments