Egress mtls from sidecar directly


I see many guides for configuring egress mtls via tls origination through a gateway. Is it possible to configure a sidecar to perform tls origination with mtls directly without setting up an egress gateway?

thank you

this should be doable - only a subset of the steps here Istio / Egress Gateways with TLS Origination would be required. Mainly - the service Entry for the external service would be required and a destination Rule needs to be applied on all workloads to originate TLS to the service Entry - no virtual service/gateway apis should be needed. For more details, I recommend tagging this post as networking for more input.