SSL offloading at Kong level

Hi Everyone,

I am trying to configure SSL certificates at Kong level on kubernetes cluster. Below is the deployment Object I am using for Kong deployment on kubernetes.:

Thanks and regards,
Rahul Salunke

What is your question and what have you tried so far?

My question that can we configure SSL certificates at Kong level?

As We configure SSL certificates at Load balancer level and then points it to Kong . I want to configure SSL certficate at kong level in Kubernetes deployment.

Yes you can.

In that case, you need to ensure that you are using an L4 load-balancer in-front of Kong so that kong can terminate the TLS session.

Hi Harry,

Thanks for your reply.

We are using AWS for infrastructure. So as you suggested to use L4 load-balancer i.e Network Load Balancer from AWS which operates at Layer 4.

Now the thing which is the way to include certtificates in below deployment YAML file for kong for kong v2.1 and kong-ingress-controller v0.9.1:

Hi Harry,

How I can check Certificates added to Kong are working?

How are you configuring Kong?
If you are using Kong as an Ingress Controller, then you should use the Ingress API to configure SSL certificates.

© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ