diff --git a/internal/chart/testdata/charts/dashboard-istio-cluster-issuer.yaml b/internal/chart/testdata/charts/dashboard-istio-cluster-issuer.yaml index fb132409..651d58b2 100755 --- a/internal/chart/testdata/charts/dashboard-istio-cluster-issuer.yaml +++ b/internal/chart/testdata/charts/dashboard-istio-cluster-issuer.yaml @@ -420,6 +420,14 @@ spec: credentialName: dashboard-cname-theketch-io hosts: - theketch.io + - port: + name: http-to-https-3-theketch.io + number: 80 + protocol: HTTP + hosts: + - theketch.io + tls: + httpsRedirect: true - port: number: 443 name: https-3-app.theketch.io @@ -429,6 +437,14 @@ spec: credentialName: dashboard-cname-app-theketch-io hosts: - app.theketch.io + - port: + name: http-to-https-3-app.theketch.io + number: 80 + protocol: HTTP + hosts: + - app.theketch.io + tls: + httpsRedirect: true - port: number: 443 name: https-3-darkweb.theketch.io @@ -438,6 +454,14 @@ spec: credentialName: darkweb-ssl hosts: - darkweb.theketch.io + - port: + name: http-to-https-3-darkweb.theketch.io + number: 80 + protocol: HTTP + hosts: + - darkweb.theketch.io + tls: + httpsRedirect: true - port: number: 80 name: http-4 @@ -453,6 +477,14 @@ spec: credentialName: dashboard-cname-theketch-io hosts: - theketch.io + - port: + name: http-to-https-4-theketch.io + number: 80 + protocol: HTTP + hosts: + - theketch.io + tls: + httpsRedirect: true - port: number: 443 name: https-4-app.theketch.io @@ -462,6 +494,14 @@ spec: credentialName: dashboard-cname-app-theketch-io hosts: - app.theketch.io + - port: + name: http-to-https-4-app.theketch.io + number: 80 + protocol: HTTP + hosts: + - app.theketch.io + tls: + httpsRedirect: true - port: number: 443 name: https-4-darkweb.theketch.io 
@@ -471,6 +511,14 @@ spec: credentialName: darkweb-ssl hosts: - darkweb.theketch.io + - port: + name: http-to-https-4-darkweb.theketch.io + number: 80 + protocol: HTTP + hosts: + - darkweb.theketch.io + tls: + httpsRedirect: true --- # Source: dashboard/templates/virtualService.yaml apiVersion: networking.istio.io/v1alpha3 diff --git a/internal/chart/testdata/charts/dashboard-nginx-cluster-issuer.yaml b/internal/chart/testdata/charts/dashboard-nginx-cluster-issuer.yaml index 9f0a9ede..5d2b0e6b 100755 --- a/internal/chart/testdata/charts/dashboard-nginx-cluster-issuer.yaml +++ b/internal/chart/testdata/charts/dashboard-nginx-cluster-issuer.yaml @@ -340,7 +340,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: dashboard-0-https-ingress + name: dashboard-0-http-ingress annotations: kubernetes.io/ingress.class: "ingress-class" theketch.io/metadata-item-kind: Ingress @@ -364,7 +364,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: dashboard-1-https-ingress + name: dashboard-1-http-ingress annotations: kubernetes.io/ingress.class: "ingress-class" nginx.ingress.kubernetes.io/canary: "true" @@ -393,6 +393,8 @@ metadata: name: dashboard-0-https-ingress annotations: kubernetes.io/ingress.class: "ingress-class" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" labels: theketch.io/app-name: "dashboard" spec: @@ -445,6 +447,8 @@ metadata: name: dashboard-1-https-ingress annotations: kubernetes.io/ingress.class: "ingress-class" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/canary: "true" nginx.ingress.kubernetes.io/canary-weight: "70" labels: diff --git a/internal/chart/testdata/charts/dashboard-nginx.yaml b/internal/chart/testdata/charts/dashboard-nginx.yaml index 2a8332ff..d97bfc59 100755 --- a/internal/chart/testdata/charts/dashboard-nginx.yaml 
+++ b/internal/chart/testdata/charts/dashboard-nginx.yaml @@ -344,7 +344,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: dashboard-0-https-ingress + name: dashboard-0-http-ingress annotations: kubernetes.io/ingress.class: "gke" theketch.io/metadata-item-kind: Ingress @@ -395,7 +395,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: dashboard-1-https-ingress + name: dashboard-1-http-ingress annotations: kubernetes.io/ingress.class: "gke" nginx.ingress.kubernetes.io/canary: "true" diff --git a/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer-shipa.yaml b/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer-shipa.yaml index d045322a..a7f18634 100755 --- a/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer-shipa.yaml +++ b/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer-shipa.yaml @@ -415,6 +415,32 @@ spec: # Source: dashboard/templates/https-ingress-routes.yaml apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute +metadata: + name: dashboard-https-theketch-io-http-redirect + annotations: + kubernetes.io/ingress.class: "ingress-class" + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + shipa.io/app-name: "dashboard" +spec: + entryPoints: + - web + routes: + - match: Host("theketch.io") + kind: Rule + middlewares: + - name: dashboard-https-theketch-io-redirect-scheme + services: + - name: dashboard-web-3 + port: 9090 + weight: 30 + - name: dashboard-web-4 + port: 9091 + weight: 70 +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: name: dashboard-https-app-theketch-io annotations: 
@@ -441,6 +467,32 @@ spec: # Source: dashboard/templates/https-ingress-routes.yaml apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute +metadata: + name: dashboard-https-app-theketch-io-http-redirect + annotations: + kubernetes.io/ingress.class: "ingress-class" + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + shipa.io/app-name: "dashboard" +spec: + entryPoints: + - web + routes: + - match: Host("app.theketch.io") + kind: Rule + middlewares: + - name: dashboard-https-app-theketch-io-redirect-scheme + services: + - name: dashboard-web-3 + port: 9090 + weight: 30 + - name: dashboard-web-4 + port: 9091 + weight: 70 +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: name: dashboard-https-darkweb-theketch-io annotations: 
@@ -462,4 +514,60 @@ spec: port: 9091 weight: 70 tls: - secretName: darkweb-ssl \ No newline at end of file + secretName: darkweb-ssl +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: dashboard-https-darkweb-theketch-io-http-redirect + annotations: + kubernetes.io/ingress.class: "ingress-class" + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + shipa.io/app-name: "dashboard" +spec: + entryPoints: + - web + routes: + - match: Host("darkweb.theketch.io") + kind: Rule + middlewares: + - name: dashboard-https-darkweb-theketch-io-redirect-scheme + services: + - name: dashboard-web-3 + port: 9090 + weight: 30 + - name: dashboard-web-4 + port: 9091 + weight: 70 +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: dashboard-https-theketch-io-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: dashboard-https-app-theketch-io-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: dashboard-https-darkweb-theketch-io-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true \ No newline at end of file diff --git a/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer.yaml b/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer.yaml index 665600e8..6d36079c 100755 --- a/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer.yaml +++ b/internal/chart/testdata/charts/dashboard-traefik-cluster-issuer.yaml 
@@ -415,6 +415,32 @@ spec: # Source: dashboard/templates/https-ingress-routes.yaml apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute +metadata: + name: dashboard-https-theketch-io-http-redirect + annotations: + kubernetes.io/ingress.class: "ingress-class" + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + theketch.io/app-name: "dashboard" +spec: + entryPoints: + - web + routes: + - match: Host("theketch.io") + kind: Rule + middlewares: + - name: dashboard-https-theketch-io-redirect-scheme + services: + - name: dashboard-web-3 + port: 9090 + weight: 30 + - name: dashboard-web-4 + port: 9091 + weight: 70 +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: name: dashboard-https-app-theketch-io annotations: @@ -441,6 +467,32 @@ spec: # Source: dashboard/templates/https-ingress-routes.yaml apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute +metadata: + name: dashboard-https-app-theketch-io-http-redirect + annotations: + kubernetes.io/ingress.class: "ingress-class" + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + theketch.io/app-name: "dashboard" +spec: + entryPoints: + - web + routes: + - match: Host("app.theketch.io") + kind: Rule + middlewares: + - name: dashboard-https-app-theketch-io-redirect-scheme + services: + - name: dashboard-web-3 + port: 9090 + weight: 30 + - name: dashboard-web-4 + port: 9091 + weight: 70 +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: name: dashboard-https-darkweb-theketch-io annotations: 
@@ -462,4 +514,60 @@ spec: port: 9091 weight: 70 tls: - secretName: darkweb-ssl \ No newline at end of file + secretName: darkweb-ssl +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: dashboard-https-darkweb-theketch-io-http-redirect + annotations: + kubernetes.io/ingress.class: "ingress-class" + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + theketch.io/app-name: "dashboard" +spec: + entryPoints: + - web + routes: + - match: Host("darkweb.theketch.io") + kind: Rule + middlewares: + - name: dashboard-https-darkweb-theketch-io-redirect-scheme + services: + - name: dashboard-web-3 + port: 9090 + weight: 30 + - name: dashboard-web-4 + port: 9091 + weight: 70 +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: dashboard-https-theketch-io-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: dashboard-https-app-theketch-io-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true +--- +# Source: dashboard/templates/https-ingress-routes.yaml +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: dashboard-https-darkweb-theketch-io-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true \ No newline at end of file diff --git a/internal/templates/istio/yamls/gateway.yaml b/internal/templates/istio/yamls/gateway.yaml index d28e4133..519d9539 100644 --- a/internal/templates/istio/yamls/gateway.yaml +++ b/internal/templates/istio/yamls/gateway.yaml 
@@ -36,6 +36,14 @@ spec: credentialName: {{ $https.secretName }} hosts: - {{ $https.cname }} + - port: + name: http-to-https-{{ $deployment.version }}-{{ $https.cname }} + number: 80 + protocol: HTTP + hosts: + - {{ $https.cname }} + tls: + httpsRedirect: true {{- end }} {{- end }} {{- end }} diff --git a/internal/templates/nginx/yamls/ingress.yaml b/internal/templates/nginx/yamls/ingress.yaml index 05cc53f8..81e9ab9f 100644 --- a/internal/templates/nginx/yamls/ingress.yaml +++ b/internal/templates/nginx/yamls/ingress.yaml @@ -5,7 +5,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ $.Values.app.name }}-{{ $i }}-https-ingress + name: {{ $.Values.app.name }}-{{ $i }}-http-ingress annotations: {{- if $.Values.ingressController.className }} kubernetes.io/ingress.class: {{ $.Values.ingressController.className | quote }} @@ -53,6 +53,8 @@ metadata: {{- if $.Values.ingressController.className }} kubernetes.io/ingress.class: {{ $.Values.ingressController.className | quote }} {{- end }} + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" {{- if gt $i 0 }} nginx.ingress.kubernetes.io/canary: "true" nginx.ingress.kubernetes.io/canary-weight: "{{ $deployment.routingSettings.weight }}" diff --git a/internal/templates/traefik/yamls/https-ingress-routes.yaml b/internal/templates/traefik/yamls/https-ingress-routes.yaml index c63e88b2..da7dadf8 100644 --- a/internal/templates/traefik/yamls/https-ingress-routes.yaml +++ b/internal/templates/traefik/yamls/https-ingress-routes.yaml @@ -2,6 +2,15 @@ {{- if .Values.app.ingress.https }} {{- range $i, $https := .Values.app.ingress.https }} apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $https.uniqueName }}-redirect-scheme +spec: + redirectScheme: + scheme: https + permanent: true +--- +apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: {{ $https.uniqueName }} 
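Review bot: The new port-80 redirect server in gateway.yaml is named with `{{ $deployment.version }}`, so it appears to be emitted once per deployment rather than once per cname; the rendered fixture dashboard-istio-cluster-issuer.yaml shows both `http-to-https-3-theketch.io` and `http-to-https-4-theketch.io` for the same host on port 80. The enclosing `range` loops start outside this hunk, so this is inferred from the name template and the fixtures. The duplicates add nothing to the redirect, and the same fixture also has a plain `http-4` server on port 80; if its hosts overlap the cnames, it is unclear which server answers and plaintext may still be served. Consider emitting the redirect once per https entry, named `http-to-https-{{ $https.cname }}`, with a comment such as `# plain-HTTP listener for this cname: only issues the HTTPS redirect`.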
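Review bot: The two redirect annotations in the second ingress.yaml hunk go only on the `-https-ingress` object, while the sibling `-http-ingress` renamed in the first hunk gets none. Whether plaintext is still served therefore depends on whether both Ingresses cover the same host and path; their `spec` is outside the hunk, so please confirm. ingress-nginx already defaults `ssl-redirect` to true for hosts with TLS, so `force-ssl-redirect` is the line that changes behaviour and deserves a comment, e.g. `# redirect to HTTPS even when TLS is terminated in front of the controller`. ingress-nginx also ignores most non-canary annotations on canary Ingresses, so for `$i > 0` (see `dashboard-1-https-ingress` in the fixture) these two lines are likely inert.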
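Review bot: The new `Middleware` in https-ingress-routes.yaml has no `kubernetes.io/ingress.class` annotation and no `{{ $.Values.app.group }}/app-name` label, unlike the `-http-redirect` IngressRoute added later in the same file. If the Traefik CRD provider is restricted by ingress class, or the project selects an app's objects by that label, the middleware may be skipped while the route still references it; this is worth confirming, because a router with an unresolved middleware is normally not served at all. Suggest mirroring the IngressRoute's `annotations`/`labels` block under this `metadata`. A redirect alone still leaves the first request in plaintext, so a `headers` middleware with `stsSeconds` on the HTTPS route would be a useful follow-up.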
@@ -35,6 +44,40 @@ spec: tls: secretName: {{ $https.secretName }} --- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ $https.uniqueName }}-http-redirect + annotations: + {{- if $.Values.ingressController.className }} + kubernetes.io/ingress.class: {{ $.Values.ingressController.className | quote }} + {{- end }} + {{- if $.Values.ingressController.clusterIssuer }} + cert-manager.io/cluster-issuer: {{ $.Values.ingressController.clusterIssuer | quote }} + {{- end }} + labels: + {{ $.Values.app.group }}/app-name: {{ $.Values.app.name | quote }} +spec: + entryPoints: + - web + routes: + - match: Host("{{ $https.cname }}") + kind: Rule + middlewares: + - name: {{ $https.uniqueName }}-redirect-scheme + services: + {{- range $_, $deployment := $.Values.app.deployments }} + {{- range $_, $process := $deployment.processes }} + {{- if $process.routable }} + {{- if gt $deployment.routingSettings.weight 0.0}} + - name: {{ printf "%s-%s-%v" $.Values.app.name $process.name $deployment.version }} + port: {{ $process.publicServicePort }} + weight: {{$deployment.routingSettings.weight}} + {{- end }} + {{- end }} + {{- end }} + {{- end }} +--- {{- end }} {{- end }} {{- end }}
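Review bot: `match: Host("{{ $https.cname }}")` interpolates the cname into a Traefik rule expression with no escaping, so a value containing `"` would change the rule instead of failing. If cnames are supplied by app owners, they should be validated as DNS names before rendering; the HTTPS route above this hunk presumably uses the same pattern, but it is not visible here. The `cert-manager.io/cluster-issuer` annotation is copied onto this plain-HTTP route although it has no `tls` block, and it can be dropped. When no process is routable with a weight above 0, `services:` renders empty, so a comment like `# services are never reached: redirect-scheme answers first` would explain why they are listed, and the empty case should be tested.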