Reputation: 63
Public domain app triggers "Not secure or Dangerous"
I deployed this React app as a side project based on this Full Stack FastAPI template using Traefik and docker-compose. I configured Github action on Azure self-hosted VM agent. After deploying using Azure VM and Azure DNS, I keep getting this message that the site is "Not secure or Dangerous". How do i get rid of this warning message? this is the full stack Fastapi template i'm using, it has a load balancer tool "traefik" and it has a certificate. I don't think the issue is related to an https thing.
services:
traefik:
image: traefik:3.0
ports:
# Listen on port 80, default for HTTP, necessary to redirect to HTTPS
- 80:80
# Listen on port 443, default for HTTPS
- 443:443
restart: always
...
volumes:
# Add Docker as a mounted volume, so that Traefik can read the labels of other services
- /var/run/docker.sock:/var/run/docker.sock:ro
# Mount the volume to store the certificates
- traefik-public-certificates:/certificates
command:
# Enable Docker in Traefik, so that it reads labels from Docker services
- --providers.docker
# Do not expose all Docker services, only the ones explicitly exposed
- --providers.docker.exposedbydefault=false
# Create an entrypoint "http" listening on port 80
- --entrypoints.http.address=:80
# Create an entrypoint "https" listening on port 443
- --entrypoints.https.address=:443
# Create the certificate resolver "le" for Let's Encrypt, uses the environment variable EMAIL
- --certificatesresolvers.le.acme.email=${EMAIL?Variable not set}
# Store the Let's Encrypt certificates in the mounted volume
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
# Use the TLS Challenge for Let's Encrypt
- --certificatesresolvers.le.acme.tlschallenge=true
# Enable the access log, with HTTP requests
- --accesslog
# Enable the Traefik log, for configurations and errors
- --log
# Enable the Dashboard and API
- --api
networks:
# Use the public network created to be shared between Traefik and
# any other service that needs to be publicly available with HTTPS
- traefik-public
volumes:
# Create a volume to store the certificates, even if the container is recreated
traefik-public-certificates:
networks:
# Use the previously created public network "traefik-public", shared with other
# services that need to be publicly available via this Traefik
traefik-public:
external: true
- see source: https://github.com/tiangolo/full-stack-fastapi-template/blob/master/docker-compose.traefik.yml
Upvotes: 0
Views: 33
Answers (1)
Reputation: 456
Sounds like Traefik is using a default TLS certificate, which is not trusted by the browser. This is usually created when the domain doesn't point to the right Traefik IP or certresolver settings are wrong. Enable Traefik debug log and check for errors (err) and acme messages.
Upvotes: 1
Related Questions
- traefik failed external connectivity - 443 already in use
- Traefik persistent volumes with docker compose
- Using Traefik with TLS (acme plugin) on non HTTP port for HTTP traffic
- What's wrong with this docker-compose.yml file to start traefix, wordpress and mariadb containers?
- Traefik with Let's Encrypt trying to request certificate for localhost
- Problem getting certificate from let's encrypt using Traefik with docker