3
votes

How does an ingress forward HTTPS traffic to port 443 of the service (eventually to 8443 on my container)? Do I have to make any changes to my ingress, or is this done automatically?

On GCP, I have a layer 4 balancer -> nginx-ingress controller -> ingress

My ingress is:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-keycloak
  annotations:
    kubernetes.io/ingress.class: "nginx"
    certmanager.k8s.io/issuer: "letsencrypt-prod"
    certmanager.k8s.io/acme-challenge-type: http01


spec:
  tls:
  - hosts:
    - mysite.com
    secretName: staging-iam-tls
  rules:
  - host: mysite.com
    http:
      paths:
      - path: /auth
        backend:
          serviceName: keycloak-http
          servicePort: 80

I searched online but I don't see explicit examples of hitting 443. It's always 80 (or 8080).

My service keycloak-http is (elided, and my container is actually listening at 8443):

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: 2019-05-15T12:45:58Z
  labels:
    app: keycloak
    chart: keycloak-4.12.0
    heritage: Tiller
    release: keycloak
  name: keycloak-http
  namespace: default
 ..
spec:
  clusterIP: ..
  externalTrafficPolicy: Cluster
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: http
  - name: https
    port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    app: keycloak
    release: keycloak
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

1
What's stopping you from using servicePort: 443? - cookiedough
@cookiedough I tried that and it did not work, though I could local proxy to 8443 and connect directly. - RAbraham
Can you try port-forwarding to the service like kubectl port-forward svc/keycloak 8443:443 - cookiedough

1 Answer

9
votes

Try this:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-keycloak
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    certmanager.k8s.io/issuer: "letsencrypt-prod"
    certmanager.k8s.io/acme-challenge-type: http01
spec:
  tls:
  - hosts:
    - mysite.com
    secretName: staging-iam-tls
  rules:
  - host: mysite.com
    http:
      paths:
      - path: /auth
        backend:
          serviceName: keycloak-http
          servicePort: 443
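
A lint check for the mismatch this thread is about, as an added example that is not part of the original question or answer: it cross-references an Ingress backend with the Service port it targets and reports when the ingress-nginx `backend-protocol` annotation (HTTP when unset) disagrees with that port. The helper names, the TLS port heuristic and the sample manifests are assumptions built from the manifests above.

```python
# Added example, not from the original post. Manifests are constructed samples
# in the page's extensions/v1beta1 shape (as `kubectl get -o json` would return),
# trimmed to the fields the check reads.
ANNOTATION = "nginx.ingress.kubernetes.io/backend-protocol"
TLS_HINTS = {443, 8443, "https"}  # assumption: these ports/names mean a TLS listener

def find_port(service, wanted):
    """Resolve an Ingress servicePort (number or name) to a Service port entry."""
    for entry in service["spec"]["ports"]:
        if wanted in (entry["port"], entry.get("name")):
            return entry
    return None

def lint_ingress(ingress, services):
    """Return (path, finding) tuples for backends whose protocol and port disagree."""
    annotations = ingress["metadata"].get("annotations", {})
    proto = annotations.get(ANNOTATION, "HTTP").upper()  # controller default is HTTP
    findings = []
    for rule in ingress["spec"].get("rules", []):
        for path in rule.get("http", {}).get("paths", []):
            backend = path["backend"]
            svc = services.get(backend["serviceName"])
            entry = find_port(svc, backend["servicePort"]) if svc else None
            if entry is None:
                findings.append((path.get("path"), "servicePort not found on Service"))
                continue
            tls = bool(TLS_HINTS & {entry["port"], entry.get("name"), entry.get("targetPort")})
            if tls and proto != "HTTPS":
                findings.append((path.get("path"), "plain HTTP sent to a TLS port"))
            elif not tls and proto == "HTTPS":
                findings.append((path.get("path"), "TLS sent to a plaintext port"))
            elif not tls:
                findings.append((path.get("path"), "controller-to-pod hop is unencrypted"))
    return findings

def make_ingress(service_port, annotations=None):
    """Build the page's Ingress with a chosen servicePort and annotations."""
    backend = {"serviceName": "keycloak-http", "servicePort": service_port}
    return {"metadata": {"name": "ingress-keycloak", "annotations": annotations or {}},
            "spec": {"rules": [{"host": "mysite.com",
                                "http": {"paths": [{"path": "/auth", "backend": backend}]}}]}}

SERVICES = {"keycloak-http": {"spec": {"ports": [
    {"name": "http", "port": 80, "targetPort": "http"},
    {"name": "https", "port": 443, "targetPort": 8443}]}}}

if __name__ == "__main__":
    for label, ing in [("question", make_ingress(80)), ("comment", make_ingress(443)),
                       ("answer", make_ingress(443, {ANNOTATION: "HTTPS"}))]:
        print(label, lint_ingress(ing, SERVICES))
```

With `backend-protocol: "HTTPS"` the controller encrypts the hop to the pod but does not verify the backend certificate unless `nginx.ingress.kubernetes.io/proxy-ssl-verify` is turned on with a CA supplied through `nginx.ingress.kubernetes.io/proxy-ssl-secret`.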