Disable registry-standalone-ingress?
Currently in production we have registry-staindalone ingress which allows users to use port 80 to interact with the registry.
Although this is only available in port 80 if this exists in the cluster the https:// connection will still resolve and will work.
This in turn serves the https:// request with a self signed certificate from nginx-ingress (because the connection is extablished using the node IP/ node name or LB name.
We are receiving security warnings that this tls is expired (when contacting the node names) which has become kinda annoying.
Should we just drop this utility
or find a way to redirect/block requests that do not specify HOST: registry.cern.ch for secure connections?