Menu
An SSL redirect is enabled by default in a Kubernetes NGINX ingress. How can this be disabled? Current implementation below:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: project_name-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: project_name
servicePort: 80
686
Sometimes we need to disable the Kubernetes Ingress. For instance, by default the controller redirects (308) to HTTPS if TLS is enabled for that ingress. If we want to disable this behavior globally, we can use ssl-redirect: “false” in the NGINX.
Solution: Kubernetes Ingress Controller fake certificate is returned by the NGINX ingress controller. You can configure --default-ssl-certificate in daemonset nginx-ingress-controller to replace "Kubernetes Ingress Controller Fake Certificate”.
SSL termination refers to the process of decrypting encrypted traffic before passing it along to a web server.
Adding nginx.ingress.kubernetes.io/ssl-redirect: "false" to annotations will disable the SSL redirect:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: project_name-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: project_name
servicePort: 80
Note that false is wrapped in quotation marks. I found it didn't work without this string casting.
84
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With