Ignoring SSL Passthrough for location "/ddi" in server "example.com"

[anushajogannagari]

I have a setup with an ingress resource configured like below ,

apiVersion: networking.k8s.io/v1 kind: Ingress metadata:   annotations:      nginx.ingress.kubernetes.io/backend-protocol: HTTPS      nginx.ingress.kubernetes.io/ssl-passthrough: "true"   name: ingress   namespace: ns-ingress   labels:     name: ingress spec:   ingressClassName: nginx   rules:   - host: example.com     http:       paths:       - path: /         pathType: Prefix         backend:           service:             name: service1             port:               number: 443       - path: /ddi         pathType: Prefix         backend:           service:             name: service2             port:               number: 443 Below is the line produced for second backend. What is the fix for below error? W0329 14:11:57.427473       7 controller.go:520] Ignoring SSL Passthrough for location "/ddi/" in server "example.com" W0329 14:11:57.427485       7 controller.go:520] Ignoring SSL Passthrough for location "/ddi" in server "example.com"

NGINX Ingress controller version: v1.1.0 Kubernetes version: 1.25

we are passing ssl-passthrough from ingress-nginx controller not the TLS certs from ingress manifest. Below link says When you use SSL passthrough NGINX cannot read the content of the connection. https://github.com/kubernetes/ingress-nginx/issues/5257

Please provide info how can we use second backend like /ddi instead root path / for multiple ingress paths

[k8s-ci-robot]

This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[longwuyuan]

/remove-kind bug

Please look at the the questions that are asked in the template of a new issue, when you click the create new issue button. Those questions provide information to people who comment or work on issues.

Edit your description of the issue and answer the questions asked in a new issue template.

[sauravmndl]

Looks like, only works for root path in ssl passthrough mode, as doesn't decrypt, so can't read content of HTTPS request which contains path. https://github.com/kubernetes/ingress-nginx/issues/9871#issuecomment-1527129071

[longwuyuan]

https://kubernetes.github.io/ingress-nginx/user-guide/tls/#ssl-passthrough

and here is a external example https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/

As suggested dont use path.

Backend-protocol is also needed.

force-ssl-redirect is needed.

No action item here for the project so closing.

/close

[k8s-ci-robot]

@longwuyuan: Closing this issue.

In response to [this](https://github.com/kubernetes/ingress-nginx/issues/9807#issuecomment-2343380990): >https://kubernetes.github.io/ingress-nginx/user-guide/tls/#ssl-passthrough > >and here is a external example https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ > >As suggested dont use path. > >Backend-protocol is also needed. > >force-ssl-redirect is needed. > >No action item here for the project so closing. > >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.