HTTPS Backend with Unverified Certificates

Using the Kong Ingress Controller 2.6 on AKS, k8s 1.23.8

I have an upstream application that uses https with self signed certificates. I put the https annotation on the service. But whenever I attempt to access the ingress I get a HTTP 502 error. I beleive this is because the certificates are untrused or I’m not directing Kong to use HTTPS properly.

How can I have kong look at a service where its backend is using HTTPS and Unverified Certificates and either ignore them or specify the certificates so Kong can validate them.

I don’t think the gateway returns a 502 for a bad certificate, but I’m not completely sure. It does definitely return a 502 if you’ve told Kong to use HTTPS and haven’t actually pointed it to the HTTPS port.

What do your proxy container logs show? A 502 should be accompanied with additional explanation there that describes the exact nature of the error.