Sitecore Docker containers + Traefik v2 + self signed SSL certificates

I’ve used Traefik for quite some time now since I’ve first heard about it from @pbering and @joostmeijles. Traefik is a reverse proxy that plays very nicely with docker containers, you can quickly set up a reverse proxy to route incoming HTTP requests to specific docker containers without having to worry about the constant IP address changes when the container restarts as Traefik would be able to automatically detect this.

What about HTTPS?

In an XC docker container setup, A lot of the running application is accessible using https by default. The storefront site is by default accessible through https, the Commerce business tools, the Sitecore Identity server. Though most of those application can be configured to be accessible with HTTP, there are scenarios where you want to access those sites with HTTPS protocol.

@michaelwest101 and @pbering have an example of how this can be achieved by using Traefik

Those examples are provided with Traefik version 1.7, but I wanted to use the latest version of Traefik, which at this time of writing is version 2.1.3. So I created one based on those examples.

SSL Certs

Note that Traefik can generate a default SSL certificate if you don’t provide one. However, the default SSL certs don’t seem to work nicely with HSTS preloaded domain, which happens to be the domain name that I used to work in local environment.

I’ve also had some issue with the SSL certificate Powershell script example that Michael has since for some reason it keeps triggering smart card insertion popup window dialog which I reckon have something to do with my organization IT policy.

I ended up using mkcert for this.

@pbering repo has everything you need to get you up and running with Traefik v1. He pointed out there’s a container startup issue with Traefik v2 for 1809 docker image, since I’m working on 1903 and above I didn’t have this problem.

So I forked @pbering repo example and added an example of how you can use Traefik v2 and mkcert for local development setup.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.