Traefik stores certificates as base64 encoded X.509 certificates and keys inside the certificate store.
This is a python script to export certificate from Traefik certificate store .json file:
import json
import base64
# Read Traefik ACME JSON
with open("acme.json") as acme_file:
acme = json.load(acme_file)
# Select certificates from a specific resolver
resolver_name = "my-resolver"
certificates = acme[resolver_name]["Certificates"]
# Find the specific certificate we are looking for
certificate = [certificate for certificate in certificates if "myddomain.com" in certificate["domain"].get("sans", [])][0]
# Extract X.509 certificate data
certificate_data = base64.b64decode(certificate["certificate"])
key_data = base64.b64decode(certificate["key"])
# Export certificate and key to file
with open("certificate.pem", "wb") as certfile:
certfile.write(certificate_data)
with open("key.pem", "wb") as keyfile:
keyfile.write(key_data)Note that depending on what is the primary name for your certificate, you might need to use
if "myddomain.com" == certificate["domain"]["main"]
instead of
if "myddomain.com" in certificate["domain"].get("sans", [])