End to end TLS with Azure Application Gateway to istio ingress

We’ve got an Azure application gateway working with istio. Traffic flows through the gateway to the istio ingress controller, working just fine. However, we need the application gateway to not terminate TLS, we need the application gateway to reencrypt the traffic as it goes to the ingress controller. Has anyone set something up like this before who may be able to assist?

I don’t use the Azure cloud so I don’t know more about it. But gateway is a component of istio so I think It is not dependent on the infra which you use. In my case. I create a set of certificates by openssl command and create a secret from them, In gateway configuration you add spec tls for it with credentials value is secret’s name you created.

apiVersion: networking.istio.io/v1beta1
kind: Gateway
  name: internal-gateway-tls
  namespace: istio-system
    app: istio-ingressgateway
    istio: ingressgateway
  - hosts:
    - '*'
      name: https
      number: 443
      protocol: HTTPS
      credentialName: secret’s name
      mode: SIMPLE