I am trying to route TLS encrypted TCP traffic to a Pod using IngressRouteTCP.
I need to terminate TLS but then again connect via TLS from Traefik to the backend Pod.
- The Client is running outside of Kubnetes
- I am using cert-manager and ACME and http01-Challenge
- The Endpoints (MongoDB Pods) require TLS and present certificates which are only valid for
*.cluster-local. (ACME cannot validate *.cluster-local)
- ACME (http01-Challenge) is only able to issue certificates valid for external FQDN (
This is exactly what I would need in IngressRouteTCP.
Is there really no possibility to use upstream TLS (aka serversTransport) for TCP traffic routed by IngressRouteTCP?
Thanks & best regards,