Configure gateway with Simple and Mutual TLS for same host

Binoy_Sankar · May 22, 2019, 10:01am

Dears,

Requirement in brief: How to have SIMPLE & MUTUAL TLS for specific endpoints in a virtual service for same host.

I have configured Istio Gateway and VirtualService as described in the Istio which is working fine.
Now we have a requirement that one of the endpoint in a service needs only MTLS validation. But when I changed tls mode to MUTUAL in gateway it is applied for all the endpoints for the host. I created two virtualservice and two gateway configurations for the above need which didn’t worked.
Please help whether this is possible or not.

wenchenglu · June 6, 2019, 9:39pm

@diemtvu is this possible?

diemtvu · June 6, 2019, 10:19pm

I don’t think it’s possible. Anyway, this is about gateway, so networking team may have more insight. + @Costin_Manolache1 @andraxylia

Topic		Replies	Views
Both mTLS and non-mTLS traffic on same host Security security	0	441	April 5, 2021
Gateway Setup with multiple TLS settings on same port viable? Networking	1	647	February 22, 2021
Istio IngressGateway mTLS only for select paths Networking	0	139	October 12, 2023
Istio applies mutualTLS check before IP whitelist for gateway Networking	0	387	June 8, 2022
Istio 1.11.2 east west gateway setup using simple TLS mode	0	293	January 10, 2022

Configure gateway with Simple and Mutual TLS for same host

Related Topics