I have a slightly odd setup for educational purposes.
I'm running a single-node Kubernetes cluster (no load balancer to save $).
I have an ingress controller running as a clusterIP and an ingress pointing port 443 to a service running on 443 with certs I generated with Let's Encrypt.
I setup HAProxy on the baremetal that forwards all requests on *:443 to the ingress controller. However, I'm just getting nowhere with this. (I have the whole flow working fine on HTTP with no TLS).
One error that was notable was Error code: SSL_ERROR_RX_RECORD_TOO_LONG.
To summarize, I'm doing TLS termination at the application layer, not the reverse proxy layer. Is there a recommended config for this setup?
