Hi everyone,
I installed Camunda 8.1 on EKS and configured HTTPS but there’re 2 problems:
-
Path based url is marked as “not secure” while subdomain works normally.
-
Identity returns with the following error
I’m using certificate from AWS ACM.
Below is my custom value
global:
ingress:
enabled: true
tls:
enabled: true
className: alb
host: "example.com"
annotations:
alb.ingress.kubernetes.io/load-balancer-name: "lb-name"
alb.ingress.kubernetes.io/scheme: "internet-facing"
alb.ingress.kubernetes.io/target-type: "instance"
alb.ingress.kubernetes.io/tags: "Name=qa-camunda-qa-ingress,Stage=qa"
external-dns.alpha.kubernetes.io/hostname: "example.com"
alb.ingress.kubernetes.io/subnets: "subnet-id"
alb.ingress.kubernetes.io/certificate-arn: "cert-arn"
identity:
auth:
publicIssuerUrl: "https://example.com/auth/realms/camunda-platform"
operate:
redirectUrl: "https://example.com/operate"
tasklist:
redirectUrl: "https://example.com/tasklist"
optimize:
redirectUrl: "https://example.com/optimize"
operate:
service:
type: NodePort
contextPath: "/operate"
identity:
service:
type: NodePort
keycloak:
service:
type: NodePort
extraEnvVars:
- name: KEYCLOAK_PROXY_ADDRESS_FORWARDING
value: "true"
- name: KEYCLOAK_FRONTEND_URL
value: "https://example.com/auth"
env:
- name: IDENTITY_URL
value: "https://example.com/identity"
contextPath: "/identity"
fullURL: "https://example.com/identity"
tasklist:
service:
type: NodePort
contextPath: "/tasklist"
optimize:
service:
type: NodePort
contextPath: "/optimize"
zeebe-gateway:
service:
type: NodePort