Hi Im new to Kong Ingress Controller
The configuration was working without HTTPS, in Kubernetes Cluster (EKS)
but when HTTPS was enabled, its returns the following error
400 Bad Request
The plain HTTP request was sent to HTTPS port
Error getting generated form Kong , not from ELB
Certificate used is generated form Aws Certificate manager
Kong was deployed using Helm with following params
http:
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "3600"
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: [Certificate ARN]
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: 443
Any Idea ?
Do you see the same issue if you bypass the load balancer using a port-forward?
Offhand, the only odd thing I see is that you have that configuration under the http block. The HTTP and HTTPS proxy listens are configured independently and the http block handles the latter. That’s not the exact error I’d expect in that scenario, but it’s close enough that it warrants review. You’ll want to place your HTTPS configuration in the https block and send traffic from your client to that servicePort on the load balancer.
If that’s not helping, or you intend to handle HTTPS termination at the LB level (in which case you would place that configuration under the http block), can you provide the complete proxy block from values.yaml and output from a curl request to the route in question? I’m unsure what else has been changed from the default, but that error is a bit odd since it shouldn’t happen if the service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https is being handled correctly, so it will help to see more of the issue in context to try and spot what’s going on.