diff --git a/authentik/providers/proxy/controllers/k8s/ingress.py b/authentik/providers/proxy/controllers/k8s/ingress.py
index 5ed990013..2815f2a9d 100644
--- a/authentik/providers/proxy/controllers/k8s/ingress.py
+++ b/authentik/providers/proxy/controllers/k8s/ingress.py
@@ -89,8 +89,11 @@ class IngressReconciler(KubernetesObjectReconciler[V1Ingress]):
             # goes to the same pod
             "nginx.ingress.kubernetes.io/affinity": "cookie",
             "traefik.ingress.kubernetes.io/affinity": "true",
+            # Buffer sizes for large headers with JWTs
             "nginx.ingress.kubernetes.io/proxy-buffers-number": "4",
             "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k",
+            # Ensure ingress can receive TLS traffic
+            "traefik.ingress.kubernetes.io/router.tls": "true",
         }
         annotations.update(self.controller.outpost.config.kubernetes_ingress_annotations)
         return annotations