DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Docs: Improve default certificate usage. (#11519)

Browse source 
Co-authored-by: Marco <62987024+marco-svitol@users.noreply.github.com>
This commit is contained in:
k8s-infra-cherrypick-robot 2024-07-01 02:13:35 -07:00 committed by GitHub
parent bdbbbf1673
commit 46c637ef26
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
docs/user-guide/tls.md
View file

@ -41,8 +41,9 @@ If this flag is not provided NGINX will use a self-signed certificate.
For instance, if you have a TLS secret `foo-tls` in the `default` namespace,
add `--default-ssl-certificate=default/foo-tls` in the `nginx-controller` deployment.
The default certificate will also be used for ingress `tls:` sections that do not
have a `secretName` option.
If the `tls:` section is not set, NGINX will provide the default certificate but will not force HTTPS redirect.
On the other hand, if the `tls:` section is set - even without specifying a `secretName` option - NGINX will force HTTPS redirect.
To force redirects for Ingresses that do not specify a TLS-block at all, take a look at `force-ssl-redirect` in [ConfigMap][ConfigMap].