Traefik HTTP Challenge "Not Enabled" Error Fix¶
Problem¶
Traefik logs show:
Root Cause¶
The error occurs when Traefik's internal ACME HTTP challenge router (acme-http@internal) tries to use the web entrypoint, but the entrypoint has a redirect configured. Traefik needs to handle ACME challenges before redirects are applied.
Solution¶
Reordered the configuration to ensure HTTP challenge is configured before the redirect is set up. This ensures Traefik can handle ACME challenges properly.
Before:
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=websecure # Redirect configured first
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web # Challenge configured after
After:
- --entrypoints.web.address=:80
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web # Challenge configured first
- --entrypoints.web.http.redirections.entrypoint.to=websecure # Redirect configured after
Why This Works¶
Traefik processes configuration in order. By configuring the HTTP challenge before the redirect, Traefik can set up the ACME challenge handler before the redirect rule is applied. This allows ACME challenges to work correctly even with HTTPS redirects.
Important Note¶
This error might be a false positive - Traefik may still handle ACME challenges correctly even with the error message. However, reordering the configuration ensures proper setup and eliminates the error.
Verification¶
After applying the fix:
# Restart Traefik
docker compose -f infrastructure/compose/shared.yml --env-file infrastructure/compose/.env.shared restart traefik
# Check logs - should see no "HTTP challenge is not enabled" errors
docker logs po-traefik 2>&1 | grep -i "HTTP challenge is not enabled"
# Should output nothing (no errors)
Expected Behavior¶
- ✅ No "HTTP challenge is not enabled" errors
- ✅ ACME HTTP challenges work correctly
- ✅ HTTPS redirects still work
- ✅ Certificates can be obtained from Let's Encrypt
Related¶
- Traefik Fixes - Complete Traefik fix documentation
- Traefik Restart Services - How to restart services