Cannot access consoles that use shared certificates
You might find that you cannot access your your product console or application console when you share certificates between
icp-proxy routes share the same OpenShift Container Platform router application domain, for example,
app.ocp.ibm.com. If you configure wildcard certificates to include
*.app.ocp.ibm.com for both OpenShift Container Platform routes, the browser assumes that the connections are to the same server and attempts to reuse the existing connection. However,
icp-proxy routes point to different
servers. Sharing the wildcard certificates results in the following error from the browser.
default http backend, application requested not found
Resolving the problem
http2in NGINX ingress.
oc -n kube-system edit configmap nginx-ingress-controller
use-http2: falseto the configuration file. Delete the
nginx-ingress-controllerpods to restart them.
Use a different certificate for the application that is proxied by NGINX ingress. You can set a different certificate CN for your application.