I have 2 services deployed in Kubernetes both should be ssl end to end.
Web based Application needs sticky session, so its been exposed using Ingress.
Web Based Application ---> Ingress(HTTPS) --> Service(ClusterIP) --> Pods(Enabled SSL)
Business Service --> Service(Load Balancer/Cluster IP) --> Pods(Enables SSL)Here the requirement is Business Service should be accessible only by Web App and not by anyone else. With just HTTP, I can have ClusterIP and restrict business service access using Network policies. But, I need SSL from WebApp to Business service. It throws error("Domain name not matching") if I access using https. Is there any better way for this?
It depends on how you access the Business Service from your Web Based App. You should use DNS service discovery here, see DNS for Services and Pods and your https-certificate must reflect this URL, you could use a self-signed certificated here.