Adding support for OpenSSL engine in Nginx Ingress controller

[Amira S]

Hello,

I want to add support for an ssl_engine + ssl_certificate/key directives in
the nignx.conf that configures an nginx server for ingress on kubernetes.

This functionality is not provided by default, and I read that Snippets may
be the recommended way to add such support.

Could you please assist me in adding such support? The ssl_engine should be
part of the main-snippets but the ssl_certificate/key are under http and
then under server, so not sure if http-snippets or server-snippets should
be used.

For example, I tried setting the ssl_engine as follows:

read -d '' conf << EOF
ssl_engine mscryptpfx;
EOF

helm install ingress-nginx-new ingress-nginx/ingress-nginx \
    --set controller.replicaCount=2 \
    --set controller.nodeSelector."kubernetes\.io/os"=linux \
    --set defaultBackend.nodeSelector."kubernetes\.io/os"=linux \
    --set
controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-health-probe-request-path"=/healthz
\
    --set enable-snippets=true \
    --set-string controller.config.main-snippets="$conf"

But this wasn't reflected in the nginx.conf of the ingress pod.

If anyone could point me to a similar configuration sample, that would be
very helpful.

Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220706/bba857a1/attachment.htm>