K3s traefik ingress to https backend configuration

Traefik Traefik v2
1

Hello

I have a k3s cluster with 1 master and 2 nodes.
When my ingress is configured with a http backend, all is working fine.
But now I want to use a https backend to bring more security. I have my own Root CA certificate.

First, I managed to make it work with

apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
  name: skipverify
spec:
  insecureSkipVerify: true
---
apiVersion: v1
kind: Service
metadata:
  name: hello-world-svc
  annotations:
    traefik.ingress.kubernetes.io/service.serversscheme: https
    traefik.ingress.kubernetes.io/service.serverstransport: sidecar-tls-httpd-pki-skipverify@kubernetescrd

spec:
  selector:
    app: hello-world
  ports:
    - protocol: TCP
      port: 443
      targetPort: 443
      name: https
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hello-world-ingress
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares: default-httpredirect@kubernetescrd
    cert-manager.io/cluster-issuer: intermediate-issuer
    cert-manager.io/common-name: "hello-world.home"
spec:
  rules:
  - host: hello-world.home
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: hello-world-svc
            port:
              number: 443
  tls:
  - hosts:
    - hello-world.home
    secretName: hello-world-secret

But now I would like a solution to remove that :

apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
  name: skipverify
spec:
  insecureSkipVerify: true

I guess I need to make traefik trust my Root CA, how to do that ?

Many thanks

2

Define and assign a serversTransport (doc).

3

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.