Traefik with self-signed certificate

Question

I have a Traefik reverse proxy which generate ACME certificate and I would like to have SSL enabled on my docker container.

In my container I have a self-signed certificate but Traefik refuse to connect to it.

My docker-compose.yml :

version: "2"
services:
  magento:
    image: lavoweb/php-5.6
    expose: 
     - 80
     - 443
    volumes:
     - ./data/src/:/var/www/html
    labels:
     - "traefik.port=80"
     - "traefik.backend=swarm"
     - "traefik.protocol=https"
     - "traefik.frontend.rule=Host:1.swarm.lavoweb.net"
     - "traefik.docker.network=web"
    networks:
     - web
     - internal
networks:
  web:
    external:
      name: web
  internal:
    driver: bridge

I got this error:

Internal Server Error

Answer 1

This is how I've managed to get this working with the LetsEncrypt automated renewal using Docker Swarm and Docker Compose V3:

version: '3'
services:
  traefik:
    image: traefik
    command: --web --docker --docker.domain=docker.localhost --docker.watch \
      --logLevel=DEBUG \
      --defaultEntryPoints='http,https' \
      --entryPoints='Name:http Address::80' \
      --entryPoints='Name:https Address::443 TLS' \
      --docker.swarmmode=true \
      --docker.exposedbydefault=false \
      --acme \
      --acme.entryPoint='https' \
      --acme.email='sugarcane@gmail.com' \
      --acme.ondemand=false \
      --acme.acmelogging=true \
      --acme.onhostrule=true \
      --acme.storage='/etc/traefik/acme/acme.json'
    networks:
      - default
      - traefik-net
    ports:
      - "80:80"
      - "8080:8080"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - traefikdata:/etc/traefik/acme

  mytestservice:
    image: blah/mytestservice
    networks:
      - default
      - traefik-net
    ports:
      - "8001:80"
    deploy:
      labels:
        - "traefik.port=80"
        - "traefik.enable=true"
        - "traefik.backend=machine-mytestservice"
        - "traefik.docker.network=traefik-net"
        - "traefik.frontend.rule=Host:mydomain.com,www.mydomain.com"

networks:
  traefik-net:

volumes:
  traefikdata: