Once SRVKS-545 is fixed (most likely in release 1.19), we'll start setting a new default URL scheme for users to signify that we actually support HTTPS based routes by default. That might however cause breakage for some customers.

In order to alleviate such breakage, we should announce that the change is coming a few versions prior and add guidance for users that think they'd be impacted to take action to not be impacted.

As such, we should add a remark in the release-notes of at least 1.18 (potentially earlier) about that upcoming change and guide users to avoid the change if necessary.

Suggested wording

Openshift Serverless will start to default the URL scheme of external routes to HTTPS as its the more secure variant. HTTPS has been working for routes ever since but routes have been propagated as HTTP somewhat confusingly. This change will happen in the upcoming release 1.19.

If you want to benefit from HTTPS routes in 1.18, you can apply the following change to your KnativeServing.

spec:
  config:
    network:
      defaultExternalScheme: "https"

If you think this change might negatively impact your existing workloads, you can override the default before upgrading to 1.19 by adding the following to your KnativeServing:

spec:
  config:
    network:
      defaultExternalScheme: "http"

If you've created custom Openshift Routes, make sure they allow for HTTPS traffic to be sent to it.