I've run into a strange issue: it seems the Kubernetes ingress controller doesn't allow SSL passthrough when the client request comes from a different network.
We have a Kubernetes server deployed on a LAN, and configured the arg --enable-ssl-passthrough in the ingress controller. When I tested the SSL connection using curl or openssl s_client through the LAN network, there was no issue: I can see the SSL connection works and the correct certificate is presented from the server side. The request is able to reach the pods.
But when I tested from another network (a VM on Azure), I got a TLS connection issue, and according to the result of openssl s_client, the certificate given by Kubernetes during the SSL handshake is the default fake one of the Kubernetes ingress controller. Testing through curl, I can see the 400 error in the log of the ingress controller pods.
I don't have any clue about the real cause. It just looks like kube doesn't allow SSL passthrough. Has anyone experienced the same issue or have any idea about it? Thanks!