Configuring WSO2 API Manager to Work With Traefik for HTTPS

Question

I am trying to configure Traefik and WSO2 API Manager. Basically, I want to configure Traefik to handle https.

     labels:
        - "traefik.enable=true"
        - "traefik.http.middlewares.service-am-https.redirectscheme.scheme=https"
        - "traefik.http.routers.service-am-http.entrypoints=web"
        - "traefik.http.routers.service-am-http.rule=Host(`xx.xx.xx`) && Path(`/apim/admin`)"
        - "traefik.http.routers.service-am-http.middlewares=service-am-https@docker"
        - "traefik.http.routers.service-am.tls=true"
        - "traefik.http.routers.service-am.rule=Host(`xx.xx.xx`) && Path(`/apim/admin`)"
        - "traefik.http.routers.service-am.entrypoints=web-secure"
        - "traefik.http.services.service-am.loadbalancer.server.port=9443"

I also included this in the deployment.toml file for API Manager.

[catalina.valves.valve.properties]
className = "org.apache.catalina.valves.RemoteIpValve"
internalProxies = "*"
remoteIpHeader ="x-forwarded-for"
proxiesHeader="x-forwarded-by"
trustedProxies="*"

When I try to access the service, https://xx.xx.xx/apim/admin, I get this error:

Bad Request
This combination of host and port requires TLS.

Traefik is successfully handling the https part but when it comes to WSO2 API Manager, this issue comes up. Any ideas on how to resolve this?

Answer 1

I just had this problem and solved including

 annotations:
   ingress.kubernetes.io/protocol: https

in my Ingress.

The full configuration:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
 name: wso2-ingress
 namespace: <namespace>
 annotations:
   kubernetes.io/ingress.class: traefik
   traefik.frontend.rule.type: PathPrefixStrip
   ingress.kubernetes.io/protocol: https
spec:
 rules:
 - host: <hostname>
   http:
     paths:
     - path: /
       backend:
         serviceName: <service-name>
         servicePort: 9443