Configuring HTTPS Backend Services for an Nginx Ingress

Ingress can function as a proxy for backend services using different protocols. By default, the backend proxy channel of an ingress is an HTTP channel. To create an HTTPS channel, add the following configuration to the annotations field:

nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"

An ingress configuration example is as follows:

Use kubectl to access the cluster. For details, see Connecting to a Cluster Using kubectl.

Create a YAML file named ingress-test.yaml. The file name can be customized.

vi ingress-test.yaml

For clusters of v1.23 or later:

apiVersion: networking.k8s.io/v1
kind: Ingress 
metadata: 
  name: ingress-test
  namespace: default
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
  tls: 
    - secretName: ingress-test-secret  # Replace it with your TLS key certificate.
  rules:
    - host: ''
      http:
        paths:
          - path: '/'
            backend:
              service:
                name: <your_service_name>  # Replace it with the name of your target Service.
                port:
                  number: <your_service_port>  # Replace it with the port number of your target Service.
            property:
              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
            pathType: ImplementationSpecific
  ingressClassName: nginx

For clusters of v1.21 or earlier:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: ingress-test
  namespace: default
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
  tls: 
    - secretName: ingress-test-secret  # Replace it with your TLS key certificate.
  rules:
    - host: ''
      http:
        paths:
          - path: '/'
            backend:
              serviceName: <your_service_name>  # Replace it with the name of your target Service.
              servicePort: <your_service_port>  # Replace it with the port number of your target Service.

Create an ingress.
```
kubectl create -f ingress-test.yaml
```
If information similar to the following is displayed, the ingress has been created:
```
ingress/ingress-test created
```

Check the created ingress.

kubectl get ingress

If information similar to the following is displayed, the ingress has been created:

NAME          CLASS   HOSTS     ADDRESS          PORTS   AGE
ingress-test  nginx   *         121.**.**.**     80      10s

Parent Topic: Advanced Setting Examples of Nginx Ingresses

Previous topic: Configuring URL Rewriting Rules for an Nginx Ingress

Next topic: Configuring Consistent Hashing for Load Balancing of an Nginx Ingress

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot