I see the controller accessing the cert from the keyvault, however I only see the default cert on my request via nginx/loadbalancer?
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SecretRotationComplete 2m45s (x1351 over 45h) csi-secrets-store-rotation successfully rotated K8s secret keyvault-aks-helloworld
W0403 20:49:55.943237 8 client_config.go:617] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0403 20:49:55.943356 8 main.go:230] "Creating API client" host="https://10.0.0.1:443"
I0403 20:49:55.969354 8 main.go:274] "Running in Kubernetes cluster" major="1" minor="25" git="v1.25.5" state="clean" commit="34f89fd3fb1a106e1b23d3454b2f2cbf305602a1" platform="linux/amd64"
I0403 20:49:56.117844 8 main.go:104] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0403 20:49:56.156436 8 nginx.go:256] "Starting NGINX Ingress controller"
I0403 20:49:56.167175 8 event.go:285] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"app-routing-system", Name:"nginx", UID:"ab23add5-1ee7-4087-9f36-4aa9e6b89231", APIVersion:"v1", ResourceVersion:"888515", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap app-routing-system/nginx
I0403 20:49:57.262751 8 store.go:429] "Found valid IngressClass" ingress="hello-web-app-routing/aks-helloworld" ingressclass="webapprouting.kubernetes.azure.com"
I0403 20:49:57.262953 8 event.go:285] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"hello-web-app-routing", Name:"aks-helloworld", UID:"0728b251-5789-4717-ad35-98c774c24647", APIVersion:"networking.k8s.io/v1", ResourceVersion:"70171", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
W0403 20:49:57.263085 8 backend_ssl.go:45] Error obtaining X.509 certificate: no object matching key "hello-web-app-routing/aks-helloworld" in local store
I0403 20:49:57.358809 8 nginx.go:299] "Starting NGINX process"
I0403 20:49:57.358865 8 leaderelection.go:248] attempting to acquire leader lease app-routing-system/ingress-controller-leader...
W0403 20:49:57.359297 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
I0403 20:49:57.359362 8 controller.go:167] "Configuration changes detected, backend reload required"
I0403 20:49:57.365888 8 status.go:84] "New leader elected" identity="nginx-5fcff8b64d-kmxtl"
I0403 20:49:57.412721 8 controller.go:184] "Backend successfully reloaded"
I0403 20:49:57.412812 8 controller.go:195] "Initial sync, sleeping for 1 second"
I0403 20:49:57.412888 8 event.go:285] Event(v1.ObjectReference{Kind:"Pod", Namespace:"app-routing-system", Name:"nginx-5fcff8b64d-q67qb", UID:"831f0f20-5d12-438b-b9f0-a773133c8348", APIVersion:"v1", ResourceVersion:"889106", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
W0403 20:50:01.166306 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
I0403 20:50:03.178975 8 event.go:285] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"app-routing-system", Name:"nginx", UID:"ab23add5-1ee7-4087-9f36-4aa9e6b89231", APIVersion:"v1", ResourceVersion:"889155", FieldPath:""}): type: 'Normal' reason: 'UPDATE' ConfigMap app-routing-system/nginx
W0403 20:50:04.500398 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
W0403 20:50:07.833100 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
W0403 20:50:11.166617 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
W0403 20:50:30.529919 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
W0403 20:50:33.864325 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
W0403 20:50:45.910019 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
I0403 20:51:20.797095 8 leaderelection.go:258] successfully acquired lease app-routing-system/ingress-controller-leader
I0403 20:51:20.797185 8 status.go:84] "New leader elected" identity="nginx-5fcff8b64d-q67qb"
W0403 20:52:06.462263 8 controller.go:1334] Error getting SSL certificate "hello-web-app-routing/aks-helloworld": local SSL certificate hello-web-app-routing/aks-helloworld was not found. Using default certificate
I0403 20:52:06.479694 8 event.go:285] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"app-routing-system", Name:"nginx", UID:"ab23add5-1ee7-4087-9f36-4aa9e6b89231", APIVersion:"v1", ResourceVersion:"889835", FieldPath:""}): type: 'Normal' reason: 'UPDATE' ConfigMap app-routing-system/nginx