Problem z Let's Encrypt i Traefik

Witam mam problem przy implementacji docker oraz traefik.

time="2022-10-16T11:38:16Z" level=debug msg="http: TLS handshake error from 10.0.0.2:53581: remote error: tls: unknown certificate"
time="2022-10-16T11:38:16Z" level=debug msg="http: TLS handshake error from 10.0.0.2:53580: remote error: tls: unknown certificate"
time="2022-10-16T11:38:16Z" level=debug msg="Serving default certificate for request: \"example.com\""
time="2022-10-16T11:38:16Z" level=debug msg="Serving default certificate for request: \"example.com\""
time="2022-10-16T11:38:16Z" level=debug msg="http: TLS handshake error from 10.0.0.2:53582: remote error: tls: unknown certificate"
time="2022-10-16T11:38:16Z" level=debug msg="http: TLS handshake error from 10.0.0.2:53583: remote error: tls: unknown certificate"
time="2022-10-16T11:44:32Z" level=debug msg="Serving default certificate for request: \"example.com\""
time="2022-10-16T11:44:32Z" level=debug msg="Serving default certificate for request: \"example.com\""
time="2022-10-16T11:44:32Z" level=debug msg="http: TLS handshake error from 10.0.0.2:53992: remote error: tls: unknown certificate"
time="2022-10-16T11:44:32Z" level=debug msg="http: TLS handshake error from 10.0.0.2:53993: remote error: tls: unknown certificate"

Plik acme.json jest ciagle pusty.

time="2022-10-16T11:46:46Z" level=debug msg="Attempt to renew certificates \"720h0m0s\" before expiry and check every \"24h0m0s\"" ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=letsencrypt.acme
time="2022-10-16T11:46:46Z" level=info msg="Testing certificate renew..." providerName=letsencrypt.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2022-10-16T11:46:46Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"acme-http\":{\"entryPoints\":[\"web\"],\"service\":\"acme-http@internal\",\"rule\":\"PathPrefix(`/.well-known/acme-challenge/`)\",\"priority\":2147483647}},\"services\":{\"acme-http\":{},\"noop\":{}},\"serversTransports\":{\"default\":{\"maxIdleConnsPerHost\":200}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=internal
time="2022-10-16T11:46:46Z" level=debug msg="Configuration received: {\"http\":{},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=letsencrypt.acme
time="2022-10-16T11:46:46Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default
time="2022-10-16T11:46:46Z" level=debug msg="Added outgoing tracing middleware acme-http@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=web routerName=acme-http@internal
time="2022-10-16T11:46:46Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=web middlewareName=traefik-internal-recovery
time="2022-10-16T11:46:46Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default
time="2022-10-16T11:46:46Z" level=debug msg="Added outgoing tracing middleware acme-http@internal" entryPointName=web routerName=acme-http@internal middlewareName=tracing middlewareType=TracingForwarder
time="2022-10-16T11:46:46Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery

Plik portainer.yml

version: '3.5'

services:
  proxy:
    image: "traefik:latest"
    ports:
      - "80:80"
      - "443:443"
    networks:
      - public
    volumes:
      - "/etc/timezone:/etc/timezone"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/etc/traefik:/etc/traefik"
      - "/etc/traefik/logs:/etc/traefik/logs"
      - "/etc/letsencrypt:/etc/letsencrypt"
    deploy:
      mode: global
      placement:
        constraints: [node.role == manager]

  agent:
    image: portainer/agent:latest
    environment:
      # REQUIRED: Should be equal to the service name prefixed by "tasks." when
      # deployed inside an overlay network
      AGENT_CLUSTER_ADDR: tasks.agent
      # AGENT_PORT: 9001
      # LOG_LEVEL: debug
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      - agent_network
    deploy:
      mode: global
      placement:
        constraints: [node.platform.os == linux]

  app:
    image: portainer/portainer-ce:latest
    command: -H tcp://tasks.agent:9001 --tlsskipverify
    volumes:
      - data:/data
    networks:
      - public
      - agent_network
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.role == manager]
      labels:
      - "traefik.enable=true"
      - "traefik.http.routers.portainer.rule=(Host(`example.com`) && PathPrefix(`/admin/portainer/`))"
      - "traefik.http.routers.portainer.entrypoints=web"
      - "traefik.http.services.portainer.loadbalancer.server.port=9000"
      - "traefik.http.routers.portainer.service=portainer"
      - "traefik.http.routers.portainer.tls=true"
      - "traefik.http.routers.portainer.tls.certresolver=letsencrypt"
      # Edge
      - "traefik.http.routers.edge.rule=Host(`edge.example.com`)"
      - "traefik.http.routers.edge.entrypoints=web"
      - "traefik.http.services.edge.loadbalancer.server.port=8000"
      - "traefik.http.routers.edge.service=edge"
      - "traefik.http.routers.edge.tls=true"
      - "traefik.http.routers.edge.tls.certresolver=letsencrypt"

networks:
  public:
    external: true
  agent_network:
    external: true

volumes:
   data:

Plik traefik.yml

################################################################
# Global configuration
################################################################

global:
  checkNewVersion: true
  sendAnonymousUsage: false

################################################################
# EntryPoints configuration
################################################################

entryPoints:
  web:
    address: :80

  websecure:
    address: :443

certificatesResolvers:
  letsencrypt:
    acme:
      email: mail@example.com
      storage: /etc/letsencrypt/acme.json
      httpChallenge:
        entryPoint: web

################################################################
# Traefik logs configuration
################################################################

log:
  filePath: /etc/traefik/logs/traefik.log
  level: DEBUG

################################################################
# Docker configuration backend
################################################################

docker:
  endpoint: "unix:///var/run/docker.sock"
  exposedByDefault: false
  network: "public"
  swarmMode: true
file:
    directory: /etc/traefik

Plik traefik-dynamic.yml

tls:
  stores:
    default:
      defaultGeneratedCert:
        resolver: letsencrypt
        domain:
          main: example.com
          sans:
            - edge.example.com

W przeglądarce cały czas wyświetla blad:

NET::ERR_CERT_AUTHORITY_INVALID

Czy jest ktoś w stanie mi wyjaśnić gdzie jest problem?

example.com wpisalem na potrzeby tego posta w konfiguracji jest tam moja domena.

:face_with_head_bandage:

Dostajesz się na port 80 lub 443 na Twojej domenie?