Having an issue with SSLProxyHeaders Headers Middleware

I am using Traefik proxy 2.2.0 with Kubernetes CRD. I have defined a middleware as follows:

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
  name: forwarded-proto-https
      X-Forwarded-Proto: "https"

I have applied this middlware to an Ingress Route as follows:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
  name: ingress-route-name
  namespace: ingress-route-namespace
  - websecure
  - kind: Rule
    match: Host(`dev.domain.com`)
    - name: forwarded-proto-https
      namespace: default
    - name: svc-name
      port: 80
      name: tls-default
      namespace: default

However, this results in a 404 when applied. When I remove the middlewares section of the IngressRoute definition it works just fine. Any thoughts on what I am doing incorrectly here?


Hello @tristan43,

It appears that you have configured a TLS enabled ingressroute, which you mention works correctly without the headers middleware.

The sslProxyHeaders setting is used to determine whether a request is SSL or not...Since I doubt your SSL request sets an X-forwarded-proto header, the middleware would break the chain, since it would no longer be treated as an SSL request.

Is your intention to add the X-forwarded-proto header to the backend request? if so, Traefik does that automatically.

Thank you. Yes my intention was to add the X-Forwarded-Proto header to the backend. I did not realize it happened automatically. Can you point me to the docs for that? It'll help in the future. Thanks so much.

Hello @tristan43,

I could have sworn that the docs used to contain that information, but it may not have been migrated when we released the v2 docs.

I opened a new documentation issue to add this to the docs, as it should be there: (Documentation does not list proxy headers that are automatically added · Issue #8294 · traefik/traefik · GitHub).

1 Like