Your connection to this site is not secure(nginx ingress)

11/3/2019

https://github.com/kubernetes-retired/contrib/tree/master/ingress/controllers/nginx/examples/tls

I've tried to configure https for my ingress resource by this tutorial. I've done all the needed steps, but when I try to go to my site it send me:

enter image description here

Should I do some additional steps?

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
spec:
  rules:
  - host: www.domain.com
    http:
      paths:
      - backend:
          serviceName: front-end-service
          servicePort: 80
        path: /
  - host: www.domain.com
    http:
      paths:
      - backend:
          serviceName: back-end-service
          servicePort: 3000
        path: /api
  tls:
  - hosts:
    - www.domain.com
    secretName: my-sectet

Sectet which I've created exist . I've checked it by using this command kubectl get secrets and name the same like I use in ingress resource.

If you need additiona info , pls let me know

-- Andrey Radkevich
google-cloud-platform
google-kubernetes-engine
https
kubernetes
nginx-ingress

2 Answers

11/3/2019

As mentioned in the comments, this tutorial is guiding you through setting up a self-signed certificate, which is not trusted by your browser. You would need to provide a cert your browser trusts or temporarily ignore the error locally. LetsEncrypt is an easy and free way to get a real cert, and cert-manager is a way to do that via Kubernetes.

-- coderanger
Source: StackOverflow

11/4/2019

If you are open to use jetstack then you can refer this for installation via helm chart and thereafter following the steps in this stackoverflow post, you can get this done with a secure connection.

Jetstack will create the secret patched to ingress tls itself and just check the status of certificate once you map the secret name with ingress rule, there certificate should attain ready state.

-- Tushar Mahajan
Source: StackOverflow