From 0e783b3b82355f8485c50bce79d9b0f502871be6 Mon Sep 17 00:00:00 2001 From: Manuel Alejandro de Brito Fontes Date: Wed, 9 Jan 2019 20:39:26 -0300 Subject: [PATCH] Add note about SSL Certificate common names --- docs/user-guide/nginx-configuration/annotations.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/user-guide/nginx-configuration/annotations.md b/docs/user-guide/nginx-configuration/annotations.md index 1cbddfcc7..c77dec82b 100644 --- a/docs/user-guide/nginx-configuration/annotations.md +++ b/docs/user-guide/nginx-configuration/annotations.md @@ -465,7 +465,7 @@ When using SSL offloading outside of cluster (e.g. AWS ELB) it may be useful to even when there is no TLS certificate available. This can be achieved by using the `nginx.ingress.kubernetes.io/force-ssl-redirect: "true"` annotation in the particular resource. -### Redirect from/to www. +### Redirect from/to www In some scenarios is required to redirect from `www.domain.com` to `domain.com` or vice versa. To enable this feature use the annotation `nginx.ingress.kubernetes.io/from-to-www-redirect: "true"` @@ -473,6 +473,9 @@ To enable this feature use the annotation `nginx.ingress.kubernetes.io/from-to-w !!! attention If at some point a new Ingress is created with a host equal to one of the options (like `domain.com`) the annotation will be omitted. +!!! attention + For HTTPS to HTTPS redirects is mandatory the SSL Certificate defined in the Secret, located in the TLS section of Ingress, contains both FQDN in the common name of the certificate. + ### Whitelist source range You can specify allowed client IP source ranges through the `nginx.ingress.kubernetes.io/whitelist-source-range` annotation.