I want to secure my K8s application with TLS. I've generated 2 SSL certificates with Let's Encrypt: one for kamerbaas.nl and one for gateway.kamerbaas.nl. I created two secrets from the files tls.crt and tls.key for each domain.
The YAML file of my Ingress is as follows:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: gateway-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- gateway.kamerbaas.nl
secretName: gateway.kamerbaas.nl
- hosts:
- kamerbaas.nl
secretName: kamerbaas.nl
rules:
- host: gateway.kamerbaas.nl
http:
paths:
- path: /*
backend:
serviceName: kb-gateway
servicePort: 80
- host: kamerbaas.nl
http:
paths:
- path: /*
backend:
serviceName: kb-frontend
servicePort: 80The catch: When I go to https://gateway.kamerbaas.nl, it works; it's showing a green lock. When I go to https://kamerbaas.nl however, it says it's not secure, since it's trying to use the certificate of gateway.kamerbaas.nl.
I've ruled out the possibility that it's a cache issue, and I've ensured that I didn't mix my certificate files up. I'm 100% sure the secrets are right.
Why is kamerbaas.nl trying to use the certificate of gateway.kamerbaas.nl?
Ps. gateway.kamerbaas.nl has a node-express server running with HTTPS. I've loaded my certificates there as well. kamerbaas.nl has a node server without https, could that be the problem? I'm guessing it doesn't matter, since my Ingress rules only points to port 80 of my services, which is the port for unsecured HTTP.