Getting ingress controller fake certificate in ssl-passthrough mode

[feiluo-db]

I deployed the ingress controller with --enable-ssl-passthrough flag on. Verified in the nginx.conf file that it is indeed turned on. Ingress controller is started with --ingress-class=my-test-nginx to match the ingress class annotation on Ingress resource. On my ingress resource annotation, I added

"nginx.ingress.kubernetes.io/ssl-passthrough": "true"

The full configuration looks like the following

{
    apiVersion: "networking.k8s.io/v1",
    kind: "Ingress",
    metadata: {
      name: "my-test-ingress",
      namespace: "my-test-ns",
      annotations: {
        "kubernetes.io/ingress.class": "my-test-nginx",
        "nginx.ingress.kubernetes.io/ssl-passthrough": "true",
        "nginx.ingress.kubernetes.io/ssl-redirect": "true",
      },
    },
    spec: {
      rules: [
        {
          host: "my-test.dev.example.com",
          http: {
            paths: [
              {
                path: "/",
                pathType: "Prefix",
                backend: {
                  service: {
                    name: "my-test-svc",
                    port: {
                      number: 8443,
                    },
                  },
                },
              },
            ],
          },
        },
      ],
    },
  },
{
    appName:: "my-test-svc",
    apiVersion: "v1",
    kind: "Service",

    metadata: {
      name: "my-test-svc",
      namespace: "my-test-ns",
    },
    spec: {
      ports: [
        {
          name: "doesnt matter",
          port: 8443,
          targetPort: 8443,
          protocol: "TCP",
        },
      ],

      selector: { app: "my-test-app" },
      type: "ClusterIP",
    },
  },

My ingress controller is deployed on AWS as a AWS ELB. No TLS cert is configured on the listener of ELB as it shouldn't terminate TLS. Any advice on how to further debug this would be very much appreciated!