Unable to passthrough tls

Traefik Traefik v2 (latest)
,
1

Hello,
I am trying to create an IngressRouteTCP to expose my mail server web UI. Mail server handles his own tls servers so a tls passthrough seems logical. Here is my ingress:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: miab-websecure
  namespace: devusta
spec:
  entryPoints:
  - websecure
  routes:
  - match: "HostSNI(`mail.devusta.com`)"
    tls:
        passthrough: true
    services:
    - name: mailinabox
      port: 443

However, if you access https://mail.devusta.com it shows self signed certificate from traefik. Shouldn't it be not handling tls if passthrough is enabled?

PS: I am learning traefik and kubernetes so more comfortable with Ingress. Is it possible to use tcp router with Ingress instead of IngressRouteTCP? An example would be great.

2

Hi @aleyrizvi! Did you ever get this figured out? I'm running into the exact same problem now.

3

Hello,

Last time I did a TLS passthrough the tls part was out of the routes you define in your ingressRoute.

This was my ingressRoute 3 month ago:

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: foobar-api-iro
spec:
  entryPoints: 
    - websecure
  tls:
    passthrough: true
  routes:
  - match: HostSNI(`api.mageekbox.eu`)
    services:
    - name: foobar-api-svc
      port: 80

Hope this would work for you.

1 Like
4

Finally looping back on this. @NEwa-05 - you rock! That worked perfectly! I'm not sure what I was messing up before and couldn't get working, but that does the trick. Thank you!

1 Like
5

Bit late on the answer, but good to know it works for you :slightly_smiling_face:

6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.