Securing Applications with Edge Routes

Before creating a secure route, you need to generate a TLS certificate. The following command shows how to create a secure edge route with a TLS certificate.

The --key option requires the certificate private key, and the --cert option requires the certificate that has been signed with that key.

oc create route edge \
> --service api-frontend \
> --key api.key --cert api.crt

When using a route in edge mode, the traffic between the client and the router is encrypted, but traffic between the router and the application is not.

Network policies can help you protect the internal traffic between your applications or between projects. For more information on how to accomplish this, consult the Network Policy Objects in Action document in the references section.