Skip to content

HTTPS redirection

Operators can force HTTPS redirection for all Services. See the http-protocol mentioned in the Enabling automatic TLS certificate provisioning page for more details.

Overriding the default HTTP behavior

You can override the default behavior for each Service or global configuration.

  • Global key: http-protocol
  • Per-revision annotation key: networking.knative.dev/http-protocol
  • Possible values:
    • enabled — Services accept HTTP traffic.
    • redirected — Services send a 301 redirect for all HTTP connections and ask clients to use HTTPS instead.
  • Default: enabled

Example:

apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: example
  namespace: default
  annotations:
    networking.knative.dev/http-protocol: "redirected"
spec:
  ...

apiVersion: v1
kind: ConfigMap
metadata:
  name: config-network
  namespace: knative-serving
data:
  http-protocol: "redirected"

apiVersion: operator.knative.dev/v1alpha1
kind: KnativeServing
metadata:
  name: knative-serving
spec:
  config:
    network:
      http-protocol: "redirected"

We use analytics and cookies to understand site traffic. Information about your use of our site is shared with Google for that purpose. Learn more.

× OK