I enabled in my backend tls. So every traffic needs to go through "https://.....". I am able to access it locally or with Port-Forwarding in Kubernetes. But I cannot access it through the DNS (e.g. https://hostname.net/backend/....).
I get as answer:
Bad Request
This combination of host and port requires TLS.
I read that the certificates could be wrong, but with port-forwarding everything works, so I don't think this could be the problem. Certificates are self-signed. I have only on my server certificates.
Before I add tls, everythinkg works fine.
Here is my service and my ingress:
apiVersion: v1
kind: Service
metadata:
name: app-Core
namespace: namespace
spec:
clusterIP: xxx.xxx.xxx.xxx
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app.kubernetes.io/instance: core
app.kubernetes.io/name: app
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
----------------------------------
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
name: core-app-core
namespace: namespace
spec:
rules:
- host: hostname
http:
paths:
- backend:
serviceName: app-Core
servicePort: 8080
path: /backend(/|$)(.*)
- backend:
serviceName: app-Core
servicePort: 8080
path: /camunda(/|$)(.*)
status:
loadBalancer:
ingress:
- ip: xxx.xxx.xxx.xxx
Try to add
nginx.ingress.kubernetes.io/backend-protocol: httpsannontation to your ingress definition.Using
backend-protocolannotations is possible to indicate how NGINX should communicate with the backend service. By default NGINX usesHTTP.Take a look: ingress-tls, backend-protocol.