We need to update the AAP 2.6 installer tarballs that incorporate modified routing changes when specific parameters are specified in the installer inventory. Specifically, when HTTPS/SSL/TLS directives are used, the AAP 2.6-3 installer does not update the envoy routing directives in the PG-SQL database, leading to "unhealthy upstream" results and a failed AAP 2.6-3 install procedure.

For example.
When any of these parameters are specified (1), the following DB changes should be implemented (2):
(1) - Inventory Parameters:
custom_ca_cert =<path>
gateway_main_url=https://<gateway>;
*_tls_cert=<path>
*_tls_key=<path>
*_nginx_disable_hsts=false
*_nginx_disable_https=false
*_nginx_https_port=<port>
*_extra_settings -> gateway_extra_settings=[

]

(2) Database Envoy Changes (on the GATEWAY database)
gateway=# BEGIN;
gateway=# SELECT id, name, is_service_https FROM aap_gateway_api_route;
gateway=# UPDATE aap_gateway_api_route SET is_service_https = true;
gateway=# SELECT id, name, is_service_https FROM aap_gateway_api_route;
gateway=# COMMIT;

These DB changes must be made *prior to* reaching this task > [ansible.containerized_installer.automationgateway : Ensure automation gateway proxy is ready]