'Traefik Acme "MissingEndpoint" 'Endpoint' configuration is required for this service

I've been using Traefik for a while now to get and renew an ACME wildcard certificate. It uses AWS Route 53 for a DNS Challenge. The cert recently expired, having failed to renew with an error I can't find a solution anywhere. "Endpoint" doesn't seem to exist in any documentation on Traefik I can find.

route53: MissingEndpoint: 'Endpoint' configuration is required for this service

FULL ERROR:

time="2022-05-09T20:23:49Z" level=error msg="Error renewing certificate from LE: {*.internal.<DOMAIN REMOVED> []}, error: one or more domains had a problem:\n[*.internal.<DOMAIN REMOVED>] [*.internal.<DOMAIN REMOVED>] acme: error presenting token: route53: MissingEndpoint: 'Endpoint' configuration is required for this service\n" providerName=dns-route53.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory" here

Here's a cut down version of my docker-compose file to define Traefik:

services:
  traefik:
    image: "traefik:latest"
    environment:
      - AWS_ACCESS_KEY_ID=${TRAEFIK_AWS_ACCESS_KEY_ID}
      - AWS_SECRET_ACCESS_KEY=${TRAEFIK_AWS_SECRET_ACCESS_KEY}
      - AWS_REGION=${AWS_REGION}
      - AWS_HOSTED_ZONE_ID=${ROUTE53_HOSTED_ZONE_ID}
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entryPoints.http.address=:80"
      - "--entryPoints.https.address=:443"
      - "--entrypoints.https.http.tls.certResolver=dns-route53"
      - "--entrypoints.public.http.tls.certResolver=dns-route53"
      - "--entrypoints.https.http.tls.domains[0].main=*.${DOMAIN}"
      - "--certificatesresolvers.dns-route53.acme.dnsChallenge=true"
      - "--certificatesResolvers.dns-route53.acme.dnsChallenge.provider=route53"
      - "--certificatesResolvers.dns-route53.acme.email=dns@${DOMAIN}"
      - "--certificatesResolvers.dns-route53.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    restart: always

I'm using:

  • Traefik version 2.6.6 built on 2022-05-03T16:58:48Z"
  • Docker version 20.10.14, build a224086 (all services as a single docker-compose)
  • AWS Route 53
amazon-route53traefikacme


Solution 1:[1]

This likely won't help anyone, but this specific problem was caused because AWS_REGION was set incorrectly.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Mark Francis

Related Questions

Redirect Elastic Beanstalk URL to domain name

create a record set to a spot instance on aws route 53

How to setup AWS cloudfront with lightsail for WordPress?

Logging for public hosted zone Route53

Is there a way to have an AWS spot instance register with route53 on boot?

Route53 DNS issue with Django Elastic Beanstalk app

Route53 DNS issue with Django Elastic Beanstalk app

AWS Route53 - Adding Simple Record

AWS Certificate Manager, cannot get https for subdomain

cert-manager with ZeroSSL creating multiple orders even if previous orders are ready

How can I redirect http to https using traefik?

Traefik (v2.2) Ingress on Kubernetes: HTTP and HTTPS cannot co-exist

How to allow a slow-response in Traefik 2+?

Traefik Docker with wildcard domain

Traefic docker container reverse-proxy redirect fails to ports provided by other containers: Gateway timeout