I configured a DestinationRule to use TLS. This is my DestinationRule:
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
...
spec:
host: myhost.com
trafficPolicy:
portLevelSettings:
- port:
number: 8443
tls:
mode: SIMPLE
credentialName: myhost-tls
At first, I had ca.crt, tls.crt, tls.key in the myhost-tls secret, and the connection worked. However, the connection still worked after I deleted the secret. Hence, I am wondering does Istio cache the TLS credentials or does the Istio client actually doesn’t verify the certificate sent from the server?