What Can I Do If Requests Fail After an HTTPS Certificate Is Configured for a LoadBalancer Ingress?

Symptom

When a domain name is specified in the forwarding policy of a LoadBalancer ingress and an HTTPS server certificate is configured, the TLS handshake fails upon accessing the domain name.

Click to enlarge

Possible Cause

The domain name defined in the LoadBalancer ingress forwarding policy does not match the domain name in the server certificate.

Solution

If the forwarding policy of a LoadBalancer ingress relies on domain name-based matching, configure an SNI certificate for the ingress. For details, see Configuring SNI for a LoadBalancer Ingress.

This issue is likely to occur in the following scenarios if an SNI certificate is not configured:

When the forwarding policy of a single ingress includes multiple domain names
When multiple ingresses share the same load balancer listener

Parent Topic: Network Exception Troubleshooting

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

For any further questions, feel free to contact us through the chatbot.

Chatbot