I want to expose an HTTPS K8s service that uses a certificate derived from a custom root CA, outside the cluster using nginx ingress controller. Are the following configurations supported and if yes, how?
- client -- (HTTP) -- ingress -- (HTTPS) -- k8s service
- client -- (HTTPS) -- ingress -- (HTTPS) -- k8s service
Is it possible to configure nginx ingress controller such that it can do TLS and mutual-TLS with the HTTPS backend service? How do I provision a root certificate for backend server certificate validation to nginx ingress? Is it possible to do SSL termination on the ingress and do mutual-TLS with the backend?
