IngressRouteTCP with TLS termination enforces HTTP traffic

Hello,

I found an issue with IngressRouteTCP when trying to access port 12000 over a socket/Layer 4 connection,
using Traefik to terminate TLS there with our own certificates.

Functionality, as I perceive it, is not as documented. Traffic should remain Layer 4, and the controller
should not return an HTTP response.

Example is:
```yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: app-tcp-tls
  namespace: default
spec:
  entryPoints:
    - app12000
  routes:
    - match: HostSNI(`*`)
      services:
        - name: app-service
          port: 11114
  tls:
    secretName: tls-app
    passthrough: false
```

Functionality is as follows:
- If secretName is defined, it returns the correct certificate, but enforces HTTP / Layer 7 traffic
- If that's left empty, it works correctly, but uses the Traefik default certificate

I would expect that HTTP traffic is not enforced when our own certificates are used and when the intention is to keep Layer 4 / TCP communications.

Is this a bug, or is there any option to fix this functionality?

Br., Janne
