I use Traefik 1.7 with Letsencrypt in K8s. It works when I do requests with https-prefix. However http is not redirected.
I configured redirection in toml-file and I do three annotations in my ingress-yml
Just to be sure: I want only TLS-communication when a client from outside requests via http. In this case it should be redirect to https. The communication inside K8s should be http.
I thought this is simply done globally by confgiration in the toml-file of traefik with this
* Trying 10.214.1.52...
* TCP_NODELAY set
* Connected to aprilinternal.doctor-bee.org (10.214.1.52) port 80 (#0)
> GET / HTTP/1.1
> Host: aprilinternal.doctor-bee.org
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Location: https://aprilinternal.doctor-bee.org/
< Date: Tue, 23 Mar 2021 09:57:42 GMT
< Content-Length: 5
< Content-Type: text/plain; charset=utf-8
<
* Ignoring the response-body
* Connection #0 to host aprilinternal.doctor-bee.org left intact
* Issue another request to this URL: 'https://aprilinternal.doctor-bee.org/'
* Trying 10.214.1.52...
* TCP_NODELAY set
* Connected to aprilinternal.doctor-bee.org (10.214.1.52) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self signed certificate
* Closing connection 1
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.