I am trying to deploy the mock API https://68870560071f195ca97eed8a.mockapi.io/api/v1/comments in the KONG GW in K8s.
Here are my httproute, sevice, and backendTLSPolicy
httproute
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
annotations:
konghq.com/host-header: 68870560071f195ca97eed8a.mockapi.io
konghq.com/plugins: route-jwt-173ddc7aebe8b25107035b028bf33f72036cc052-cbb3dd3d-e349-4ceb-ac4e-fbf654658480-api,route-acl-8f7fc2a96bcdeca1dc083bbfa0ec785b39d02663-cbb3dd3d-e349-4ceb-ac4e-fbf654658480-api-production
konghq.com/strip-path: "true"
creationTimestamp: "2025-08-07T03:55:12Z"
generation: 1
labels:
apiUUID: cbb3dd3d-e349-4ceb-ac4e-fbf654658480
environment: production
organization: 2e14f1a627e0f7388df2efa85fba6816ac25f094
revisionID: "1"
routeType: api
name: 50b3629b60a9cecd1a2188b619074c1d9a3ccd80-production-httproute-0
namespace: kong
resourceVersion: "267235"
uid: e0645cd7-e614-428a-967d-7092a58c4b57
spec:
hostnames:
- kong.gw.com
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: kong
rules:
- backendRefs:
- group: ""
kind: Service
name: backend-20b9719f312aa53bd9a517106257d97b37f5b7da
port: 443
weight: 1
filters:
- type: URLRewrite
urlRewrite:
path:
replaceFullPath: /api/v1/comments
type: ReplaceFullPath
matches:
- method: GET
path:
type: RegularExpression
value: /https/1/comments
status:
parents:
- conditions:
- lastTransitionTime: "2025-08-07T03:55:12Z"
message: ""
observedGeneration: 1
reason: Accepted
status: "True"
type: Accepted
- lastTransitionTime: "2025-08-07T03:55:12Z"
message: ""
observedGeneration: 1
reason: ResolvedRefs
status: "True"
type: ResolvedRefs
- lastTransitionTime: "2025-08-07T03:55:13Z"
message: ""
observedGeneration: 1
reason: ConfiguredInGateway
status: "True"
type: Programmed
controllerName: konghq.com/kic-gateway-controller
parentRef:
group: gateway.networking.k8s.io
kind: Gateway
name: kong
namespace: kong
service
apiVersion: v1
kind: Service
metadata:
annotations:
konghq.com/host-header: 68870560071f195ca97eed8a.mockapi.io
konghq.com/protocol: https
konghq.com/snis: 68870560071f195ca97eed8a.mockapi.io
creationTimestamp: "2025-08-07T03:55:12Z"
labels:
apiUUID: cbb3dd3d-e349-4ceb-ac4e-fbf654658480
organization: 2e14f1a627e0f7388df2efa85fba6816ac25f094
revisionID: "1"
name: backend-20b9719f312aa53bd9a517106257d97b37f5b7da
namespace: kong
resourceVersion: "290541"
uid: fa472c9a-b5be-4064-adb1-baec26d3a383
spec:
externalName: 68870560071f195ca97eed8a.mockapi.io
ports:
- port: 443
protocol: TCP
targetPort: 443
sessionAffinity: None
type: ExternalName
status:
loadBalancer: {}
backendTLSPolicy
apiVersion: gateway.networking.k8s.io/v1alpha3
kind: BackendTLSPolicy
metadata:
creationTimestamp: "2025-08-07T04:15:15Z"
generation: 3
name: tls-policy-backend-20b9719f312aa53bd9a517106257d97b37f5b7da
namespace: kong
resourceVersion: "290789"
uid: c922809e-4ece-48b3-86e5-feb0d1e0e3bf
spec:
targetRefs:
- group: core
kind: Service
name: backend-20b9719f312aa53bd9a517106257d97b37f5b7da
validation:
caCertificateRefs:
- group: core
kind: Secret
name: root-ca-a
hostname: 68870560071f195ca97eed8a.mockapi.io
secret
apiVersion: v1
data:
ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURrVENDQXhpZ0F3SUJBZ0lTQm5ybWs2Nms4UDZZMEEzUkpPRDFUSnRNTUFvR0NDcUdTTTQ5QkFNRE1ESXgKQ3pBSkJnTlZCQVlUQWxWVE1SWXdGQVlEVlFRS0V3MU1aWFFuY3lCRmJtTnllWEIwTVFzd0NRWURWUVFERXdKRgpOakFlRncweU5UQTJNakF3TWpFeE5ERmFGdzB5TlRBNU1UZ3dNakV4TkRCYU1CY3hGVEFUQmdOVkJBTU1EQ291CmJXOWphMkZ3YVM1cGJ6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJQajZOcWhQVFNTMEo3blgKMFBpUXhBakl5OHl5MHVPaHVqYnprSDk2LzZJYlZvWm83a1VOajBXWmgxVkVWcDl4N3gvaW56WU82ZnMydGNhNgp6TExkY09TamdnSW5NSUlDSXpBT0JnTlZIUThCQWY4RUJBTUNCNEF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVICkF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDTUFBd0hRWURWUjBPQkJZRUZMUnlYdlg3aXRUaTYxODgKa2JPK1gvNlFJaDd1TUI4R0ExVWRJd1FZTUJhQUZKTW5ScGdEcVZGb2pwald4RUpJMnlPL1dKVFNNRElHQ0NzRwpBUVVGQndFQkJDWXdKREFpQmdnckJnRUZCUWN3QW9ZV2FIUjBjRG92TDJVMkxta3ViR1Z1WTNJdWIzSm5MekFqCkJnTlZIUkVFSERBYWdnd3FMbTF2WTJ0aGNHa3VhVytDQ20xdlkydGhjR2t1YVc4d0V3WURWUjBnQkF3d0NqQUkKQmdabmdRd0JBZ0V3TFFZRFZSMGZCQ1l3SkRBaW9DQ2dIb1ljYUhSMGNEb3ZMMlUyTG1NdWJHVnVZM0l1YjNKbgpMemMzTG1OeWJEQ0NBUVVHQ2lzR0FRUUIxbmtDQkFJRWdmWUVnZk1BOFFCM0FOM2N5alNWMStFV0JlZVZNdnJICm4vZzlIRkRmMndBNkZCSjJDaXlzdThncUFBQUJsNHRRdGtrQUFBUURBRWd3UmdJaEFJcUwwSmp6MVoraDVCM2sKVzhIODZWL1c3TDVYSjAxSTI1d1lxMWMwQnp3MEFpRUE5T05FNUNPMmhvSlhVaWpyeVE5YUUyOTV6Vm5XcGNIMwpXVThYTnZDdHE0a0FkZ0I5V1I0UzRYZ3FleHhoWjN4ZS9malFoMXdVb0U2Vm5ya0RMOWtPakM1NXVBQUFBWmVMClVMM3pBQUFFQXdCSE1FVUNJUURJOHpxSDVGNDBjajQrS20rWnl0bC9MT1FydTNXdS9ySVlXNFZuZXJsMVBnSWcKT1lCSjJJMU1HTDVaWWZvWXpMZ3lkTi9pY1RReVJVcnBOdnpSRERwakJTVXdDZ1lJS29aSXpqMEVBd01EWndBdwpaQUl3TENHNitOM3VEd3Z5QUIzQjY2ZVhBeHF0NEYrUnJ2YWs2ajdJT3hoSkVoRGdEMkRZcFRUUzVFSmNQdHhYCndRT09BakJEWWpwOTk1TDRYSXpjNk5DT05mUnZkTWtZWStWUklaaEpMa2poaDNCYUg4Tm1SeUJ1TTFtN0NSeXEKcXB4QjVXVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
id: YmY2ZTBmMTQtNzhjZC00NWFkLTkzMjUtODdlYzdlZjdiODky
kind: Secret
metadata:
annotations:
kubernetes.io/ingress.class: kong
creationTimestamp: "2025-08-07T10:42:18Z"
labels:
konghq.com/ca-cert: "true"
name: root-ca-a
namespace: kong
resourceVersion: "287778"
uid: 5c3f9642-0c22-463b-80c5-7b6c5758ad87
type: Opaque
When I hit the https://kong.gw.com:8443/https/1/comments
I get the following error
2025/08/07 11:30:40 [crit] 1407#0: *45851 SSL_do_handshake() failed (SSL: error:0A000458:SSL routines::tlsv1 unrecognized name:SSL alert number 112) while SSL handshaking to upstream, client: 10.42.0.13, server: kong, request: “GET /https/1/comments HTTP/2.0”, upstream: “``https://13.248.244.96:443/api/v1/comments”``, host: “``kong.gw.com:8443``”, request_id: “ed2a812dfb4ff31c21d5a76e7bd35927”
any way to fix this issue