Hello
I have a k3s cluster with 1 master and 2 nodes.
When my ingress is configured with a http backend, all is working fine.
But now I want to use a https backend to bring more security. I have my own Root CA certificate.
First, I managed to make it work with
apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
name: skipverify
spec:
insecureSkipVerify: true
---
apiVersion: v1
kind: Service
metadata:
name: hello-world-svc
annotations:
traefik.ingress.kubernetes.io/service.serversscheme: https
traefik.ingress.kubernetes.io/service.serverstransport: sidecar-tls-httpd-pki-skipverify@kubernetescrd
spec:
selector:
app: hello-world
ports:
- protocol: TCP
port: 443
targetPort: 443
name: https
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: hello-world-ingress
annotations:
traefik.ingress.kubernetes.io/router.middlewares: default-httpredirect@kubernetescrd
cert-manager.io/cluster-issuer: intermediate-issuer
cert-manager.io/common-name: "hello-world.home"
spec:
rules:
- host: hello-world.home
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: hello-world-svc
port:
number: 443
tls:
- hosts:
- hello-world.home
secretName: hello-world-secret
But now I would like a solution to remove that :
apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
name: skipverify
spec:
insecureSkipVerify: true
I guess I need to make traefik trust my Root CA, how to do that ?
Many thanks