So I am using the Gitlab registry helm chart, for legacy support I have to expose the registry at example.com:4567.

I am able to expose the port but unable to create a secure connection. E.g. chrome states "This site can't provide a secure connection"

Any advice would be appreciated.

wget logs:

wget https://example.com:4567/
--2020-02-20 08:39:23--  https://example.com:4567/
Resolving example.com (example.com)... .............
Connecting to example.com (example.com)|...........|:4567... connected.
Unable to establish SSL connection.

nginx-ingress helm chart relevant config:

tcp:
  4567: "gitlab/gitlab-registry:5000"

apiVersion: v1
kind: Service
metadata:
  annotations:
    flux.weave.works/antecedent: gitlab:helmrelease/gitlab
  creationTimestamp: "2020-02-18T08:44:54Z"
  labels:
    app: registry
    chart: registry-0.3.0
    heritage: Tiller
    release: gitlab
  name: gitlab-registry
  namespace: gitlab
  resourceVersion: "882239"
  selfLink: /api/v1/namespaces/gitlab/services/gitlab-registry
  uid: 43d97af6-656f-44ae-a064-cae1bfb37524
spec:
  clusterIP: 10.101.88.115
  ports:
  - name: registry
    port: 5000
    protocol: TCP
    targetPort: 5000
  selector:
    app: registry
    release: gitlab
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

Gitlab helm chart:

global:
  appconfig:
    registry:
      ingress:
        tls:
          enabled: true
          secretName: gitlab-sdp-tls

The secret above works perfectly for example.com

curl -vvv https://example.com:4567

* Rebuilt URL to: example.com:4567/ 
* Trying xxxxxxxxxx... 
* Connected to example.com (xxxxxxxxxxxxx) port 4567 (#0) 
> GET / HTTP/1.1 
> Host: example.com:4567 
> User-Agent: curl/7.47.0 
> Accept: */* 
> 
* Empty reply from server 
* Connection #0 to host example.com left intact curl: (52) Empty reply from server