diff --git a/internal/ingress/annotations/secureupstream/main.go b/internal/ingress/annotations/secureupstream/main.go
index abf72a9ca..6f0204752 100644
--- a/internal/ingress/annotations/secureupstream/main.go
+++ b/internal/ingress/annotations/secureupstream/main.go
@@ -40,11 +40,9 @@ func NewParser(r resolver.Resolver) parser.IngressAnnotation {
 
 // Parse parses the annotations contained in the ingress
 // rule used to indicate if the upstream servers should use SSL
-func (a su) Parse(ing *networking.Ingress) (interface{}, error) {
-	ca, _ := parser.GetStringAnnotation("secure-verify-ca-secret", ing)
-
-	if ca != "" {
+func (a su) Parse(ing *networking.Ingress) (secure interface{}, err error) {
+	if ca, _ := parser.GetStringAnnotation("secure-verify-ca-secret", ing); ca != "" {
 		klog.Errorf("NOTE! secure-verify-ca-secret is not suppored anymore. Please use proxy-ssl-secret instead")
 	}
-	return nil, nil
+	return
 }
diff --git a/internal/ingress/annotations/secureupstream/main_test.go b/internal/ingress/annotations/secureupstream/main_test.go
index aa62ed0de..508d54a84 100644
--- a/internal/ingress/annotations/secureupstream/main_test.go
+++ b/internal/ingress/annotations/secureupstream/main_test.go
@@ -104,7 +104,7 @@ func TestAnnotations(t *testing.T) {
 			"default/secure-verify-ca": {},
 		},
 	}).Parse(ing)
-	if err == nil {
+	if err != nil {
 		t.Errorf("Unexpected error on ingress: %v", err)
 	}
 }