HTTPS in kubernetes cluster, shall we let ingress do it?

Hi, I used to install keycloak(old version) with HTTP only, and let ingress handle the HTTPS stuff for me.

For recent versions, it seems HTTPS becomes default, and there is no config parameter to disable https, correct me if I am wrong.

I know ingress can use HTTPS backends.

but which one is better, let keycloak do TLS or ingress ?

sorry for my bad english…