While most modern web applications choose to encrypt all traffic, there remain
cases where supporting cleartext communications is important. Ambassador Edge Stack supports
both forcing automatic redirection to HTTPS and
serving cleartext traffic on a
To allow cleartext to be routed, set the
requestPolicy.insecure.action of a
This allows routing for either HTTP and HTTPS, or only HTTP, depending on
- If the
Hostdoes not specify a
tlsSecret, it will only route HTTP, not terminating TLS at all.
- If the
Hostdoes specify a
tlsSecret, it will route both HTTP and HTTPS.
Most websites that force HTTPS will also automatically redirect any requests that come into it over HTTP:
In Ambassador Edge Stack, this is configured by setting the
insecure.action in a
Ambassador Edge Stack determines which requests are secure and which are insecure using the
securityModel of the
Listener that accepts the request.