update logic to account for new CA file

2024-12-09 17:12:11 +01:00 · 2024-12-09 17:12:11 +01:00 · 1b86d8f734
commit 1b86d8f734
parent 7e514210b0
1 changed files with 2 additions and 2 deletions
--- a/internal/ingress/controller/controller.go
+++ b/internal/ingress/controller/controller.go
@ -749,9 +749,9 @@ func (n *NGINXController) getBackendServers(ingresses []*ingress.Ingress) ([]*in
 			}
 			if !n.store.GetBackendConfiguration().ProxySSLLocationOnly {
-				if server.ProxySSL.CAFileName == "" {
+				if server.ProxySSL.CAFileName == "" && server.ProxySSL.ProxySSLCA.CAFileName == "" {
 					server.ProxySSL = anns.ProxySSL
-					if server.ProxySSL.Secret != "" && server.ProxySSL.CAFileName == "" {
+					if (server.ProxySSL.Secret != "" && server.ProxySSL.CAFileName == "") && (server.ProxySSL.ProxySSLCA.ConfigMap != "" && server.ProxySSL.ProxySSLCA.CAFileName == "") {
 						klog.V(3).Infof("Secret %q has no 'ca.crt' key, client cert authentication disabled for Ingress %q",
 							server.ProxySSL.Secret, ingKey)
 					}