The nginx ingress controller supports using a default certificate for connections that don't have an explicit secret set in their tls section. This default certificate is only used if a secretName is not provided.

As far as I've been able to tell from how the Ingress entry is created there is no way of getting an ingressTLS object added without providing some sort of secret.

Would it be possible to get an option to make the operator create an ingress entry with TLS, but without a secret name to make nginx use the default certificate? (which usually will be a wildcard certificate matching the at a certain level of the domainName given).