Thanks for answers ! 
But still not working for me
tree :
├── acme.json
├── docker-compose.yml
├── tls
│ └── dynamic-conf.toml
└── traefik.toml
traefik.toml
[log]
level = "DEBUG"
[providers.docker]
network = "traefik"
[api]
dashboard = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web-secured]
address = ":443"
[certificatesResolvers]
[certificatesResolvers.default.acme]
email = "toto.toto@gmail.com"
storage = "acme.json"
[certificatesResolvers.default.acme.tlsChallenge]
[providers.file]
directory = "/tls/dynamic-conf.toml"
docker-compose.yml
version: "3"
networks:
traefik:
external: true
services:
traefik:
networks:
- traefik
image: traefik:v2.0.2
container_name: Traefik
ports:
- 80:80
- 443:443
expose:
- 8080
restart: always
volumes:
- ./acme.json:/acme.json
- ./traefik.toml:/traefik.toml
- ./tls:/tls
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.http.routers.api.rule=Host(`toto.xyz`)"
- "traefik.http.routers.api.entrypoints=web-secured"
- "traefik.http.routers.api.service=api@internal"
- "traefik.http.routers.api.tls"
- "traefik.http.routers.api.middlewares=authTraefik"
- "traefik.http.middlewares.authTraefik.basicauth.users=toto:$$2y$$05$$i4sdsm4gzH3sdqshzc3V64xB/ih9OyKrhet10NcskB/Lj5BUFPU.sdqsdsqdsds"
/tls/dynamic-conf.toml
[tls]
[tls.options]
[tls.options.default]
minVersion = "VersionTLS12"
sniStrict = true
cipherSuites = [
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_AES_128_GCM_SHA256",
"TLS_AES_256_GCM_SHA384",
"TLS_CHACHA20_POLY1305_SHA256",
]