HTTPS redirection

Operators can force HTTPS redirection for all Services. See the http-protocol mentioned in the Turn on AutoTLS page for more details.

Overriding the default HTTP behavior

You can override the default behavior for each Service or global configuration.

  • Global key: http-protocol
  • Per-revision annotation key: networking.knative.dev/http-protocol
  • Possible values:
    • enabled — Services accept HTTP traffic.
    • redirected — Services send a 301 redirect for all HTTP connections and ask clients to use HTTPS instead.
  • Default: enabled

Example:

Per ServiceGlobal (ConfigMap)Global (Operator)

  1. apiVersion: serving.knative.dev/v1
  2. kind: Service
  3. metadata:
  4. name: example
  5. namespace: default
  6. annotations:
  7. networking.knative.dev/http-protocol: "redirected"
  8. spec:
  9. ...
  1. apiVersion: v1
  2. kind: ConfigMap
  3. metadata:
  4. name: config-network
  5. namespace: knative-serving
  6. data:
  7. http-protocol: "redirected"
  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeServing
  3. metadata:
  4. name: knative-serving
  5. spec:
  6. config:
  7. network:
  8. http-protocol: "redirected"