Hi, Folks.
I use traefik v1.7.21 as my ingress controller. I enable acme and also enable onHostRule to obtain SSL cert from let's encrypt based on frontend host. The problem is when i use custom error page traefik try spam let's encrypt with invalid domain: error-pages .
Here my log:
{"level":"error","msg":"Unable to obtain ACME certificate for domains \"error-page\" detected thanks to rule \"Host:error-page\" : unable to generate a certificate for the domains [error-page]: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Cannot issue for \"error-page\": Domain name needs at least one dot, url: ","time":"2020-03-19T09:14:01Z"}
Here my working ingress conf:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: mycustom-ns
name: domainname.com
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/redirect-entry-point: https
traefik.ingress.kubernetes.io/redirect-permanent: "true"
traefik.ingress.kubernetes.io/priority: "20"
traefik.ingress.kubernetes.io/error-pages: |-
customerror:
status:
- '401'
- '403'
- '404'
- '429'
- '500'
- '503'
# See below on where "error-pages" comes from
backend: 20-error-pages
query: "/{status}.html"
spec:
rules:
- host: domainname.com
http:
paths:
- path: /
backend:
serviceName: apache
servicePort: 80
- host: error-pages
http:
paths:
- backend:
serviceName: traefik-catchall
servicePort: 80
Any idea to disable ssl cert request for error-pages?
Thanks