I created an ingress tls rule inside a GKE cluster which uses an nginx controller which uses an invalid certificate for testing purposes.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: backend
namespace: staging
spec:
rules:
- host: app.staging.xx.xx.xx.xx.nip.io
http:
paths:
- backend:
serviceName: backend
servicePort: 8000
path: /
tls:
- hosts:
- app.staging.xx.xx.xx.xx.nip.io
secretName: tls-keys
The referenced Secret
apiVersion: v1
data:
tls.crt: base64 encoded key
tls.key: base64 encoded key
kind: Secret
metadata:
name: tls-keys
namespace: staging
type: kubernetes.io/tls
The backend service for my pods
apiVersion: v1
kind: Service
metadata:
labels:
app: backend
name: backend
namespace: staging
spec:
clusterIP: 10.63.255.180
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app: backend
When I access the page https://app.staging.xx.xx.xx.xx.nip.io the page suspiciously shows me the invalid Kubernetes Ingress Controller Fake Certificate instead of my custom invalid certificate.
Continuing with the security exception I get the default backend - 404
Why does my website not show up?
Is there are way to get more information why this is happening?