Traefik and custom certificate renewal

Question

I have a specific certificate generated by letsencrypt.

In my traefik config, I have:

kind: ConfigMap
apiVersion: v1
metadata:
  name: traefik-config
data:
  traefik.toml: |
    # traefik.toml
    defaultEntryPoints = ["http","https"]
    [entryPoints]
      [entryPoints.http]
      address = ":80"
      [entryPoints.http.redirect]
        entryPoint = "https"
      [entryPoints.https]
      address = ":443"
        [entryPoints.https.tls]
          [[entryPoints.https.tls.certificates]]
          certFile = "/etc/xxx/my-cert.crt"
          keyFile = "/etc/xxx/my-cert.key"

    [acme] # Automatically add Let's Encrypt Certificate.
      storage= "/etc/certificate/acme.json"
      email = "john.doe@company.com"
       entryPoint = "https"
       onHostRule = true
       caServer = "https://acme-v02.api.letsencrypt.org/directory"
        [acme.dnsChallenge]
        provider = "route53"
        delayBeforeCheck = 0
    [[acme.domains]]
      main = "*.company.com"
    #[[acme.domains]]
    #  main = "*.espace-client.company.com"

Thing is my certicate :

/etc/xxx/my-cert.crt

will end in 10 days.

I also have the a certificate for the wild card: *.company.com

Will traefik renew it automatically or should I do something ?

Answer 1

According to the documentation, the certificate should never end in 10 days. Something must be wrong.

"If there are less than 30 days remaining before the certificate expires, Traefik will attempt to renew it automatically."

You should check the logs of your traefik container:

docker logs traefik-container