mutual-auth.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    ingress.citrix.com/backend-ca-secret: '{"apache": "tls-ca"}'
    ingress.citrix.com/backend-secret: '{"apache": "wildcard-secret"}'
    ingress.citrix.com/backend-sslprofile: '{"apache":{"serverauth": "enabled", "sni":
      "enabled"}}'
    ingress.citrix.com/ca-secret: '{"apache": "tls-ca"}'
    ingress.citrix.com/frontend-ip: A.B.C.D
    ingress.citrix.com/frontend-sslprofile: '{"clientauth": "enabled", "sni": "enabled"
      }'
    ingress.citrix.com/secure_backend: '{"apache": "True"}'
  name: web-ingress
spec:
  ingressClassName: citrix
  rules:
  - host: www.guestbook.com
    http:
      paths:
      - backend:
          service:
            name: apache
            port:
              number: 443
        path: /
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - www.guestbook.com
    secretName: wildcard-secret
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: citrix
spec:
  controller: citrix.com/ingress-controller
---