kong | 2019/08/15 10:14:41 [error] 19#0: init_by_lua error: /usr/local/share/lua/5.1/kong/init.lua:382: error parsing declarative config file /kong.conf.d/kong.yml:
kong | in 'certificates':
kong | - in entry 1 of 'certificates':
kong | in 'snis':
kong | - in entry 1 of 'snis': expected a record
kong | Run with --v (verbose) or --vv (debug) for more details
I change snis to
snis: "hello.test"
The error is
kong | in 'certificates':
kong | - in entry 1 of 'certificates':
kong | in 'snis': expected an array
And the host set on the route like on @narate 's example:
services:
- name: test
routes:
- name: test
paths:
- /test/
protocols:
- https
hosts:
- mydomain.com
url: http://httpbin.org
If I check the Admin API I can see that there is a SNI object, the matching certificate object also exists and the route object also has the matching host set.
However, when I do a request to my service Kong serves a self-signed certificate instead of my domain’s certificate.
I was just using the web browser and curl to request https://mydomain.com/test/.
I tried reloading the config with kong reload and didn’t work but after restarting Kong’s POD (I’m using Kong inside k8s) and reloading the conf it worked.
I’ve must have been doing something wrong and didn’t realize
You are right. The declarative.yaml configuration was correct for the SSL setup. What i had missing was i did not open the SSL port in my proxy_listen configuration from the environment variable