I have deployed an nginx-ingress controller in an aws eks cluster using an helm chart from artifact hub (https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx) .
I have edited the annotation to use NLB in aws, after the deployment if ingress-nginx and applicatons behind the ingress controller, the application behind the NLB is working fine but was serving on not secure mode (no ssl) , then I changed the listner port of nlb from tcp to tls and attached an ssl certificate.
Now after this change my application is able to operate on ssl but getting an error as "Nginx 400, A plain http response was sent to HTTPS port" .
Can someone help me on understanding this issue and potential options to resolve the issue.
the values and configuration are almost default that we took from here "https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx"
If you are attaching the SSL/TLS certificate on LB level from ACM (AWS cert-manager)
You have to create the two listener, TCP with port 80 & TLS with 443 port attach the necessary cert into the TLS listener.
You can also read more at: https://aws.amazon.com/premiumsupport/knowledge-center/terminate-https-traffic-eks-acm/
In the above example, it's using CLB however same steps will apply to the NLB to attach the certificate over LB.