I want to expose an HTTPS K8s service that uses a certificate derived from a custom root CA, outside the cluster using nginx ingress controller. Are the following configurations supported and if yes, how?
Is it possible to configure nginx ingress controller such that it can do TLS and mutual-TLS with the HTTPS backend service? How do I provision a root certificate for backend server certificate validation to nginx ingress? Is it possible to do SSL termination on the ingress and do mutual-TLS with the backend?
I was able to provision the backend server certificates using the nginx.ingress.kubernetes.io/proxy-ssl-secret annotation.