Traefik dns challenge
Hi, i have a setup with multiple remote servers, and I want for each of them to host my regional domain: app.example.com (each server different region)
My questions are:
1. If one server has already completed a DNS challenge, do the other servers also have access to that certificate, or do they each need to perform their own DNS challenge to obtain a certificate?
2. If all servers have access to the certificates, is there a risk of a race condition where multiple servers attempt the DNS challenge at the same time? Or do they somehow know that one server is already in the process of validation?
4 Replies
Distributed Traefik ACME is an enterprise feature. Every server will try to fetch SSL certificate for the same domain, and if you load balance between them, the wrong server may get the challenge response.
So if I self-host Dokploy, do i not have access to this feature?
Dokploy only comes with Traefik CE. Same with the cloud version. You can't loadbalance ingress. You would need another external loadbalancer which handles SSL/TLS termination for you.
Okey, thank you!