Azure Event Grid subscription verification with AKS/ingress TLS certificates generated by certificate manager
I am trying to add a subscription to an Azure Event Grid custom topic with a webhook. The webhook is a Spring Boot application deployed on AKS and exposed using an ingress controller. I used certificate manager to generate the certificates.
There is no problem with the application code, as I could successfully create an event subscription with the same code running on my local machine (exposed through a public IP).
I am able to access the application from Postman. When I POST the validation JSON from Postman, I get a valid response: {"validationResponse": "0000000000-0000-0000-0000-00000000000000"}
So the problem should be with certificates, security, or ingress.
```yaml
# Ingress for the webhook host; the TLS secret is filled in by the
# cluster issuer named in the annotation below
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: sample-ingress
  namespace: hello
  annotations:
    kubernetes.io/ingress.class: nginx
    certmanager.k8s.io/cluster-issuer: letsencrypt-staging
    nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  tls:
  - hosts:
    - demo-test.eastus.cloudapp.azure.com
    secretName: tls-secret
  rules:
  - host: demo-test.eastus.cloudapp.azure.com
    http:
      paths:
      - backend:
          serviceName: api
          servicePort: 80
        path: /(.*)
      - backend:
          serviceName: api
          servicePort: 80
        path: /api/(.*)
      - backend:
          serviceName: workflow
          servicePort: 80
        path: /workflow/(.*)
---
# Issuer pointing at the Let's Encrypt ACME staging endpoint
apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
  namespace: hello
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: user@contoso.com
    privateKeySecretRef:
      name: letsencrypt-staging
    http01: {}
```
Azure Event Grid subscription validation should succeed. I followed this link: https://docs.microsoft.com/en-us/azure/aks/ingress-tls
The problem was with self-signed certificates. Things worked after giving valid certificates.
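One way to check the webhook's certificate the way a strict HTTPS client does, before creating the subscription (an added example, not part of the original question or answer). It assumes Event Grid validates the chain against public roots, as the answer's outcome suggests; the function names are hypothetical.

```python
import socket
import ssl

# OpenSSL X509 verify codes most often seen on webhook endpoints
VERIFY_CAUSES = {
    10: "certificate has expired",
    18: "self-signed leaf certificate",
    19: "chain ends in a root that is not in the public trust store",
    20: "issuer not found in the public trust store (staging or private CA)",
    21: "only the leaf was sent and its issuer is not trusted",
    62: "certificate does not cover the requested host name",
}


def explain_verify_code(code):
    """Translate an OpenSSL verify code into a likely cause."""
    return VERIFY_CAUSES.get(code, f"verification failed (OpenSSL code {code})")


def check_webhook_tls(host, port=443, timeout=5.0):
    """Handshake with system roots and host name checking; return (trusted, detail)."""
    ctx = ssl.create_default_context()  # verification and host name check are on
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                # issuer is a tuple of RDNs, each a tuple of (name, value) pairs
                issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
                return True, "trusted, issued by " + issuer.get("commonName", "?")
    except ssl.SSLCertVerificationError as exc:
        return False, explain_verify_code(exc.verify_code)
    except OSError as exc:  # refused, timeout, DNS failure, non-TLS port
        return False, f"connection failed: {exc}"


if __name__ == "__main__":
    # Host name taken from the Ingress in the question
    print(check_webhook_tls("demo-test.eastus.cloudapp.azure.com"))
```

A client with certificate verification switched off can still reach such an endpoint, which is why a successful manual POST does not prove the certificate is trusted.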