Installing Signer Certs in Istio


We need help with the following use case to implement two way SSL authentication between Istio Ingress Gateway and a Client. We need to be able to validate the signer certificate provided by the client on the Istio Ingress Gateway. All the examples we have come across require a private key, but with the signer certificates we do not get a private key.

Additionally, we have to maintain our server certificate in the secret too. Are there any thoughts or instructions on how to achieve this configuration ?

Thank you.