Traefik stores certificates as base64
encoded X.509 certificates and keys inside the certificate store.
This is a python script to export certificate from Traefik certificate store .json
file:
import json import base64 # Read Traefik ACME JSON with open("acme.json") as acme_file: acme = json.load(acme_file) # Select certificates from a specific resolver resolver_name = "my-resolver" certificates = acme[resolver_name]["Certificates"] # Find the specific certificate we are looking for certificate = [certificate for certificate in certificates if "myddomain.com" in certificate["domain"].get("sans", [])][0] # Extract X.509 certificate data certificate_data = base64.b64decode(certificate["certificate"]) key_data = base64.b64decode(certificate["key"]) # Export certificate and key to file with open("certificate.pem", "wb") as certfile: certfile.write(certificate_data) with open("key.pem", "wb") as keyfile: keyfile.write(key_data)
Note that depending on what is the primary name for your certificate, you might need to use
if "myddomain.com" == certificate["domain"]["main"]
instead of
if "myddomain.com" in certificate["domain"].get("sans", [])