I had not see this attribute before you point it. When dealing with an HTTPS route, Traefik Proxy goes through your default certificate store to find a matching certificate. A certificate resolver is responsible for retrieving certificates. Here, lets define a certificate resolver that works with your Lets Encrypt account. The configuration file allows managing both backends/frontends and HTTPS certificates (which are not Let's Encrypt certificates generated through Trfik). Forwarding to https backend fails with ingress - Traefik v1 The magic happens when Traefik inspects your infrastructure, where it finds relevant information and discovers which service serves which request. Forwarding to https backend fails Issue #7462 traefik/traefik gRPC Server Certificate How about saving the world? If so, youll be interested in the automatic certificate generation embedded in Traefik Proxy, thanks to Lets Encrypt. image version : traefik:v2.1.1, kubectl version Traefik even comes with a nice dashboard: With this simple configuration, Qualys SSL Labs Traefik is a leading modern reverse proxy and load balancer that makes deploying microservices easy. Earlier, I enabled TLS on my router like so: Now, to enable the certificate resolver and have it automatically generate certificates when needed, I add it to the TLS configuration: Now, if your certificate store doesnt yet have a valid certificate for example.com, the le certificate resolver will transparently negotiate one for you. Internal Server Error when I try to use HTTPS protocol for traefik backend It usually Which was the first Sci-Fi story to predict obnoxious "robo calls"? If I had omitted the .tls.domains section, Traefik Proxy would have used the host ( in this example, something.my.domain) defined in the Host rule to generate a certificate. So, no certificate management yet! I am trying to setting traefik to forward request to backend using https protocol. The only unanswered question left is, where does Traefik Proxy get its certificates from? Docker friends Welcome! I try to do TLS Termination. # Dynamic configuration tls: options: require-mtls: clientAuth: clientAuthType: RequireAndVerifyClientCert caFiles: - /certs/rootCA.crt. 29 comments jjn2009 commented on May 10, 2016 edited by emilevauge mentioned this issue #402 base: mirrors.usc.edu epel: ftp.osuosl.org extras: mirrors.evowise.com updates: centos.pymesolutionsweb.com ldez area/tls label Tikz: Numbering vertices of regular a-sided Polygon. HTTPS with traefik and Let's Encrypt. Traefik backend https and Internal Server Error : r/Traefik - Reddit privacy statement. docker service logs traefik_traefik Check the user interface After some seconds/minutes, Traefik will acquire the HTTPS certificates for the web user interface (UI). Traefik Proxy with HTTPS - Docker Swarm Rocks