Hi, so far we are using traefik to do path based routing using ingress routes and directing traffic to 3 applications behind the load balancer. We want to use TLS everywhere now and instead of terminating SSL at traefik level we want to do that at application level. I am not sure if we can use TLS passthrough with path based routing. I was reading 2 different conflicting information about this. Passthrough not working after upgrading Traefik to 2.6.3 - #3 by sgundadi says we cannot use path based routing with TLS passthrough.
Traefik Routers Documentation - Traefik shows we can use path based routing but I wasn't sure if this will work with TLS passthrough enabled. Want to check with the experts their opinion on this?
You can pass TLS through, but Traefik needs access to the TLS cert to read HostSNI (domain) from the request.
If you want to use a path, you even need to go one level deeper and decrypt the http headers, can still use passthrough.
Alternatively you can use a different TLS cert for internal traffic.
Thanks for the response.
Can you refer me to an example on how can be done - "If you want to use a path, you even need to go one level deeper and decrypt the http headers, can still use passthrough."
With the current approach we use, we do use certs for decrypting traffic before forwarding to the apps.