Egress TLS Origination and http

prabhu-mannu · February 25, 2020, 2:22am

hi
I am trying to get the egress TLS Origination to work on port 80 and use passthrough on 443 at the same time.

As of now once I enable TLS Origination at port 80, direct curl to 443 fails. (Mutual TLS disabled)
following the example; https://archive.istio.io/v1.2/docs/tasks/traffic-management/egress/egress-gateway-tls-origination/#perform-tls-origination-with-an-egress-gateway
this is OK:
kubectl exec -it $SOURCE_POD -c sleep – curl -sL -o /dev/null -D - http://edition.cnn.com/politics

this is NOT OK
kubectl exec -it $SOURCE_POD -c sleep – curl -sL -o /dev/null -D - https://edition.cnn.com/politics

Basically I want to retain the backwards compatibility, as existing application uses https. we don’t want to break the current env.

Topic		Replies	Views
Istio: Unable to set up mutual TLS origination with an egress gateway, custom certificates Networking	7	5015	August 16, 2022
Does Egress TLS Origination works for TCP app instead of HTTP	0	160	June 7, 2023
Cannot intercept TLS traffic with istio egress gateway Security security	1	1066	June 14, 2021
TLS origination for egress traffic test failing when k8s is behind corporate proxy openshift , security	1	328	January 17, 2023
503 when implementing egress tls origination	4	1433	July 31, 2020