Closed sktrinh12 closed 2 years ago
I believe you may have tried the following already, but just in case...
1/ If you use "curl -k", are you able to reach the target? "-k" option disables the certificate checking.
Assuming the above works, you need to verify if you have the valid certificate for your site.
2/ Do you own this site mydomain.com? The following is from your logs. Location: https://quote.mydomain.com
3/ Check that you have cert-manager and TLS configured. kubectl get issuer -A kubectl get certificates -A kubectl get ingress -A
4/ If the above looks all good, did you configure proxy protocol anywhere? If yes... then does the set up work w/o proxy protocol?
Hi @sktrinh12 thank you spotting the issue, I have created a fix for this problem. Also please keep in mind if the sub-domains are not static we suggest you to use a wildcard tls certificate , please visit https://github.com/digitalocean/Kubernetes-Starter-Kit-Developers/blob/main/03-setup-ingress-controller/guides/wildcard_certificates.md for more details
great, thanks for the guidance and for fixing that so quickly. Is it because the secretName
value can't be shared by two separate services? That's the only difference I see in the host.yaml
files. It is now working.
Hi, I followed each step in the tutorial for ingress-controller using DO. Everything seems working except the second service, the
quote
service. Theecho
service returns what is expected, but tls termination doesn't seem to be working forquote
. I get this when i try tocurl
:I just did
kubectl apply -f quote_host.yaml
with theannotations
andtls
sections un-commented, just some small changes. Did I miss a step? The tutorial doesn't explicitly lay out the steps to do thequote
service, but I just repeated the steps for theecho
service.Would appreciate some assistance. Thanks.