Terminate Cloudflare TLS in Traefik, send self-signed client cert to Vault

paridin · February 9, 2022, 4:15pm

I could solve with a ServersTransport here in my config. hope it helps.

apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
  name: vault-transport
  namespace: vault

spec:
  serverName: vault-internal
  insecureSkipVerify: true

---
apiVersion: traefik.containo.us/v1alpha1
kind: TLSOption
metadata:
  name: vault-tls-option
  namespace: vault

spec:
  minVersion: VersionTLS12

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: vault-ui
  namespace: vault
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`vault.domain.com`)
      kind: Rule
      services:
        - name: vault
          port: 8200
          scheme: https
          serversTransport: vault-transport
          namespace: vault
  tls:
    options:
        name: vault-tls-option
        namespace: vault

Topic		Replies	Views
Complex configuration assistance Traefik v1 consul , consul-catalog	1	545	May 15, 2020
Terminate TLS and forward new HTTPS request Traefik v2 kubernetes-ingress , middleware	1	545	November 30, 2020
Traefik default tls on kubernetes Traefik v2 file , kubernetes-ingress	2	1432	December 28, 2021
Setup TLS/SSL, need help Traefik v2 kubernetes-ingress	3	788	April 16, 2021
Cannot set default SSL cert Traefik v3 (latest) kubernetes-ingress	5	79	February 4, 2025

Terminate Cloudflare TLS in Traefik, send self-signed client cert to Vault

Related topics