If ssl passthrough is enabled in ingress resource. How is it possible to perform TLS certificate pinning to communicate an app from outside?
Could you let us know which part of the course you are referring to. The more details about the issue, the better we can help.
In general cert, also known as key pinning, is not worth the extra hassle and was deprecated by several vendors in 2017 and Chrome and Firefox removed the option in 2019.
TLS can be a headache with the dynamic nature of Kubernetes. The use of a service mesh like Istio or Linkerd can add functionality like mTLS. For info on that go here: Automatic mTLS