Traefik issues a CSR for "Creating CSR for darkstar.kpn with DNS ['darkstar.kpn'] and IPs []" because Traefik.server_cert_sans_dns is returning ['darkstar.kpn'] i.e.
We could try setting traefik's external hostname to darkstar.kpn to see if that helps. If this is the issue, we could try to document it or detect this scenario and change the logic around it.
Bug Description
TLDR: "It works on my virtual machine"
Traefik issues a CSR for "
Creating CSR for darkstar.kpn with DNS ['darkstar.kpn'] and IPs []
" becauseTraefik.server_cert_sans_dns
is returning['darkstar.kpn']
i.e.Supposing the app IP is "10.64.140.43"
Note that
darkstar
is the name of my machine.In a VM, you get
Traefik doesn't expect 'darkstar.kpn' and therefore we have a mismatch between the SANs in the certs issued to traefik by self-signed-certificates.
Note: in another case, (the VM's network was bridged to the host with e.g.
--network enp1s0
) we got:To Reproduce
n/a
Environment
n/a
Relevant log output
Additional context
No response