Reputation: 137
I've been using Traefik for a while now to get and renew an ACME wildcard certificate. It uses AWS Route 53 for a DNS Challenge. The cert recently expired, having failed to renew with an error I can't find a solution for anywhere. "Endpoint" doesn't seem to exist in any documentation on Traefik I can find.
route53: MissingEndpoint: 'Endpoint' configuration is required for this service
FULL ERROR:
time="2022-05-09T20:23:49Z" level=error msg="Error renewing certificate from LE: {*.internal.<DOMAIN REMOVED> []}, error: one or more domains had a problem:\n[*.internal.<DOMAIN REMOVED>] [*.internal.<DOMAIN REMOVED>] acme: error presenting token: route53: MissingEndpoint: 'Endpoint' configuration is required for this service\n" providerName=dns-route53.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
Here's a cut down version of my docker-compose file to define Traefik:
services:
  traefik:
    image: "traefik:latest"
    environment:
      - AWS_ACCESS_KEY_ID=${TRAEFIK_AWS_ACCESS_KEY_ID}
      - AWS_SECRET_ACCESS_KEY=${TRAEFIK_AWS_SECRET_ACCESS_KEY}
      - AWS_REGION=${AWS_REGION}
      - AWS_HOSTED_ZONE_ID=${ROUTE53_HOSTED_ZONE_ID}
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entryPoints.http.address=:80"
      - "--entryPoints.https.address=:443"
      - "--entrypoints.https.http.tls.certResolver=dns-route53"
      - "--entrypoints.public.http.tls.certResolver=dns-route53"
      - "--entrypoints.https.http.tls.domains[0].main=*.${DOMAIN}"
      - "--certificatesresolvers.dns-route53.acme.dnsChallenge=true"
      - "--certificatesResolvers.dns-route53.acme.dnsChallenge.provider=route53"
      - "--certificatesResolvers.dns-route53.acme.email=dns@${DOMAIN}"
      - "--certificatesResolvers.dns-route53.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    restart: always
I'm using:
Upvotes: 1
Views: 1772
Reputation: 137
This likely won't help anyone, but this specific problem was caused because AWS_REGION was set incorrectly.
Upvotes: 6
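A preflight check for the cause named in the answer, as an added example that is not part of the original posts or of Traefik's own tooling: it validates the four variables the compose file passes to the container before Traefik is started. The function names `check_region` and `preflight` are hypothetical, and the region test is a shape check only (an assumption about how region names look, not a lookup against AWS).

```shell
#!/bin/sh
# Added example: validate the AWS variables from the compose file's
# `environment:` section before starting Traefik.

# Use the C locale so [a-z] means ASCII lowercase only.
LC_ALL=C
export LC_ALL

# check_region VALUE -> exit status 0 if VALUE has the shape of an AWS
# region name (us-east-1, eu-west-2, us-gov-west-1, ...).
# Shape check only: it cannot tell whether the region really exists.
check_region() {
    case $1 in
        '' | *[!a-z0-9-]*) return 1 ;;   # empty, quotes, spaces, uppercase
    esac
    printf '%s\n' "$1" | grep -Eq '^[a-z]{2}(-[a-z]+){1,2}-[0-9]+$'
}

# preflight -> exit status 0 only if all four variables are non-empty and
# AWS_REGION is well formed. Only variable names are printed for the
# credentials, never their values.
preflight() {
    rc=0
    for name in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY \
                AWS_REGION AWS_HOSTED_ZONE_ID; do
        eval "value=\${$name-}"
        if [ -z "$value" ]; then
            echo "preflight: $name is empty or unset" >&2
            rc=1
        fi
    done
    if [ -n "${AWS_REGION-}" ] && ! check_region "$AWS_REGION"; then
        echo "preflight: AWS_REGION='$AWS_REGION' is not a region name" >&2
        rc=1
    fi
    return "$rc"
}

# Usage (inside a wrapper that has the same variables the container gets):
#   preflight && docker compose up -d
```

An availability-zone name such as `us-east-1a`, a quoted value, or a value with trailing whitespace is rejected, as is an empty value, which is what Compose substitutes for a `${VAR}` that is not set.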