Let's Encrypt certificate not fetched for internal non-Docker website

Disclaimer: I'm fairly new to Docker and Traefik. I'm slowly progressing and getting to know my Traefik environment.

I have a Docker swarm, in which I currently run these containers using docker-compose: Traefik, viz and a webserver (whoami). I successfully do reverse-proxy for viz and webserver, and have the TLS certificates from Let's Encrypt. I also managed to put in an authentication and security headers middleware using a dynamic configuration file.

I have another internal website running (which I call Digimon), outside of my Docker container. I want to reverse proxy this website using a Let's Encrypt certificate too. However, these certificates do not get downloaded, and I'm presented with the default Traefik certificate. The DNS record has been created in my domain.

The Traefik log shows:

```
time="2019-12-13T10:27:17Z" level=error msg="error while parsing rule HostSNI(digimon.domain.com): unsupported function: HostSNI" entryPointName=websecure routerName=digimon@file
```

The access log shows:

```
time="2019-12-13T10:18:03Z" level=debug msg="http: TLS handshake error from 10.0.0.3:63465: remote error: tls: unknown certificate"
```

What am I doing wrong?

This is the dynamic configuration file:

```yaml
tls:
  options:
    default:
#      sniStrict: true
      minVersion: VersionTLS13
    mintls13:
      minVersion: VersionTLS13
http:
  middlewares:
    auth:
      basicAuth:
        users:
          - "test:pwd"
    d-auth:
      digestAuth:
        users:
          - "test:realm:pwd"
        realm: "realm"
    security-headers:
      headers:
        AccessControlAllowOrigin: "origin-list-or-null"
        sslRedirect: true
        stsSeconds: 315360000
        STSPreload: true
        stsIncludeSubdomains: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        frameDeny: true
  services:
    digimon:
      loadBalancer:
        servers:
          - url: "http://192.168.0.10/"
  routers:
    digimon:
      entryPoints:
        - "websecure"
      rule: "HostSNI(`digimon.domain.com`)"
      middlewares:
        - d-auth
        - security-headers
      service: digimon
      tls:
        certresolver: mytlschallenge
```

Noob error: `certresolver` should read `certResolver` 🙂
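
A mis-cased key like the one in this thread fails quietly: the router still serves traffic, but with Traefik's default certificate instead of one from the resolver. The following is an added example, not part of the original posts and not Traefik code: a small pre-deployment check that flags mis-cased router keys and the `HostSNI` matcher inside an `http` router (the error reported in the log above). The key list is an assumed subset of the Traefik v2 router options, and `SAMPLE` is a constructed excerpt of the posted config.

```python
import re

# Assumed subset of canonical router key spellings (Traefik v2 file provider).
ROUTER_KEYS = ("entryPoints", "rule", "middlewares", "service", "priority",
               "tls", "certResolver", "options", "domains")
CANON = {k.lower(): k for k in ROUTER_KEYS}
KEY_RE = re.compile(r"^(\s*)(?:-\s+)?([A-Za-z][\w-]*)\s*:\s*(.*)$")

def lint_routers(text):
    """Return (line_no, message) findings for keys inside router definitions."""
    findings, path = [], []                  # path: stack of (indent, key)
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue                         # skip commented-out settings
        m = KEY_RE.match(line)
        if not m:
            continue                         # blank line or plain list item
        indent, key, value = len(m.group(1)), m.group(2), m.group(3)
        while path and path[-1][0] >= indent:
            path.pop()                       # leave deeper or sibling scopes
        parents = [k for _, k in path]
        path.append((indent, key))
        if "routers" not in parents or parents[-1] == "routers":
            continue                         # not in a router body / router name
        want = CANON.get(key.lower())
        if want and want != key:
            findings.append((no, f"key '{key}' should be spelled '{want}'"))
        if key == "rule" and parents[0] == "http" and "HostSNI(" in value:
            findings.append((no, "HostSNI is a TCP matcher; HTTP routers use Host"))
    return findings

# Constructed sample: the router from the question, trimmed.
SAMPLE = """\
http:
  routers:
    digimon:
      entryPoints:
        - "websecure"
      rule: "HostSNI(`digimon.domain.com`)"
      service: digimon
      tls:
        certresolver: mytlschallenge
"""

if __name__ == "__main__":
    for line_no, message in lint_routers(SAMPLE):
        print(f"line {line_no}: {message}")
```

The check is line-based and assumes block-style YAML with space indentation, as in the posted file; it does not parse flow-style mappings.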