coolify
coolify copied to clipboard
[Bug]: Traefik does not use custom SSL certificates
Is there an existing issue for this?
- [X] I have searched the existing issues
Description
Custom certificates that have been created through a certification authority other than LetsEncrypt seemingly cannot be used on any domain. After adding a custom ssl certificate in the SSL Certificate
section of the settings menu traefik is still using the default self signed certificate for the coolify front-end as well as any of my applications. It ignores the custom certificate even though the certificate was created for the specified domain in the settings menu. Traefik then tries to auto generate a new certificate through LetsEncrypt which fails immediately because our institution's CAA record prevents LetsEncrypt from generating one. In the final setup I would like to use a wildcard certificate (not created through LetsEncrypt) to serve all of our applications over HTTPS.
Traefik Error when restarting
Steps To Reproduce
- After logging into the Coolify front-end go to
Settings
- In the
Coolify Settings
section set theURL (FQDN)
to your DNS - Navigate to
SSL Certificates
- Add a custom SSL certificate created by a certification authority other than LetsEncrypt
Expected behaviour: -> Traefik should now use the supplied SSL certificate for the specified URL (FQDN). This is not the case.
Restarting Traefik and Coolify after uploading the custom certificate does not fix the issue.
Version
3.11.4
@andrasbacsai is there any news on how far down the docket fixing this issue is, or if this is at all something you are planning to address? As of now this sadly prevents us from using coofily in production.
Same thing here. This completely blocks usage of Coolify for me.
I have the same problem, using coolify in production of not possible for me under those circumstances.
Is there any documentation on this process? I would also prefer to add custom generated certs using a local certificate authority
Is there any documentation on this process? I would also prefer to add custom generated certs using a local certificate authority
No, and it doesn't work currently, anyway.
It looks like the certs are correctly uploaded and saved into
/coolify-traefik-letsencrypt/_data/custom
.
Maybe as a quick fix, is there a way to tweak the Treafik config somewhere?
@syrenius I also searched around coolify's docker container before I opened this issue and found the same thing. There might be a way to configure traeffik from inside the container but I didn't want to spend too much time on a hacky solution like this as I don't know traeffik that well. Yes, it might be possible but it will most definitely not be a viable solution in the long run as this should in my opinion work "out of the box" as it's a foundational feature for a platform like coolify. Unfortunately, the maintainer @andrasbacsai has been entirely unresponsive to any of my posts here or on the Discord channel (even as to just let users know if this feature is at all planned), so that I have given up on using this project. If you find a way to make it work it would be nice if you could post your solution here though.
I'm closing this issue, because tracking features will be moved to GitHub discussions. Github issues will be only for bugs.
Version 4 is in full focus. v3 related issues will be closed, if it is not a critical bug.
Thanks for your understanding.
But isn't this critical? It literally made it completely impossible for me to use Coolify in any way and seems like core functionality.
Will this be fixed in v4?