Missing: serversTransport on IngressRouteTCP

Hello everyone,

I am trying to route TLS encrypted TCP traffic to a Pod using IngressRouteTCP.
I need to terminate TLS but then again connect via TLS from Traefik to the backend Pod.


  • The Client is running outside of Kubnetes
  • I am using cert-manager and ACME and http01-Challenge
  • The Endpoints (MongoDB Pods) require TLS and present certificates which are only valid for *.cluster-local. (ACME cannot validate *.cluster-local)
  • ACME (http01-Challenge) is only able to issue certificates valid for external FQDN (*.externaldomain.com)

From what I found IngressRouteTCP does never use TLS to communicate with the backend Pods.
When I look at IngressRoute I find IngressRouteTCP.spec.routes.services.serversTransport.

This is exactly what I would need in IngressRouteTCP.

Is there really no possibility to use upstream TLS (aka serversTransport) for TCP traffic routed by IngressRouteTCP?

Thanks & best regards,

1 Like

@bluepuma77 I just saw you liked this issue.
Any Ideas? Thoughts? Have you got the same issue?

No, I used the heart to save it for later, if I move to kubernetes some day, sorry.

I recommend to put a kubernetes tag on your post.

Looks like I can't add any tags after initially posting...
@traefik_moderators would you please be so kind to add a kubernetes tag? Thanks a lot!