SignalR on kubernetes with let's encrypt ingress service

I had similar issue and this is how I managed itnote : this solution is a working solution for pure websocket in dotnet core 2.2 i have not test it with signalR

use Apache as proxy Microsoft doc here

<IfModule mod_ssl.c><VirtualHost *:443>  ProxyPreserveHost On  RewriteEngine On  RewriteCond %{HTTP:Upgrade} =websocket [NC]  RewriteRule /(.*)           ws://127.0.0.1:81/$1 [P,L]  RewriteCond %{HTTP:Upgrade} !=websocket [NC]  RewriteRule /(.*)           http://127.0.0.1:81/$1 [P,L]    ProxyPass / http://127.0.0.1:81/    ProxyPassReverse / http://127.0.0.1:81/</VirtualHost></IfModule>

so basically what will happen is the traffic will be HTTPS till the Apache and then Apache will act as proxy and hand the traffic to the Kestrel.it may seam hard to configure but it's not, - configure the Apache to work with HTTP & WS then configure the let's encrypt like this :

sudo add-apt-repository ppa:certbot/certbotsudo apt install python-certbot-apachesudo nano /etc/apache2/sites-available/example.com.conf...ServerName example.com;...sudo apache2ctl configtestsudo systemctl reload apache2sudo ufw allow 'Apache Full'sudo ufw delete allow 'Apache'

the next line of command will configure your SSL Apache configuration

sudo certbot --apache -d example.com -d www.example.com

then you will be able to access to your site via HTTPS & WSS,It never failed till now :)