Change default namespace (istio-system) for mutual TLS for the entire mesh using PeerAuthentication

I have deployed Istio 1.5.1 in another namespace “my-istio” and not “istio-system”.
When I try to enable mutual TLS for entire mesh using PeerAuthentication, it expects to be present in “istio-system” namespace with name “default”.

Is there a way to configure namespace as I want to deploy it in “my-istio” namespace?

1 Like

what are your steps to try to do this job?

I am following this doc

But my istio namespace is “my-istio” and not “istio-system”.

When I deployed “default” PeerAuthentication in “my-istio” namespace (to enforce mTLS on mesh level) it did not work. However, the same worked when explicitly created “istio-system” and deployed the same default PeerAuthentication in this namespace.

Expected: Since all my istio components are deployed in “my-istio” namespace, enforcing mTLS on mesh level should happen when default PeerAuthentication policy is created in this namespace instead of “istio-system”.

Hi @anmolagrawal23
Just to know that how did you change the name of the namespace(isto-system). ?