
I get a weird certificate issue when I try to set up OpenShift / OKD behind the Cloudflare DNS proxy. My setup needs to work as follows:

Client --> Cloudflare DNS Proxy --> PfSense HAProxy TCP LoadBalancer --> Openshift/OKD

This works perfectly fine for any of my own services and routes in OpenShift that use TLS mode edge.

However, I want to expose the default web console on a subdomain. The web console is deployed with TLS mode reencrypt; this is done by an operator. TLS mode reencrypt does not seem to work. I have tried to deploy another service with TLS mode reencrypt, and it does not work either!
I am getting error messages in different browsers, e.g. in Firefox: SSL_ERROR_NO_CYPHER_OVERLAP

My attempts so far:

a) Change TLS mode to edge for the web console => does not work, since it is changed back immediately

b) Use different certificates between Cloudflare and the origin servers => does not change the behavior; also, I doubt that this is the issue, since TLS mode edge does work, so the connection is working.

I have no other ideas for how to debug or fix this problem.
What are some ways to handle this and make my setup work?

0 Answers