Istio 1.4 - HTTPS OPTIONS Request

Hello everybody.

I upgraded to Istio 1.4 from 1.3.5 and now im getting issues with OPTION requests thought https.

Now i’m getting 503 for all of them.

$ curl -v -X OPTIONS
https://xxxxx

  • Trying xxxxxx…
  • TCP_NODELAY set
  • Connected to xxx.xxx.xxx.xxx.co (xxxxx) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/cert.pem
    CApath: none
  • TLSv1.2 (OUT), TLS handshake, Client hello (1):
  • TLSv1.2 (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
  • TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
  • TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (IN), TLS handshake, Finished (20):
  • SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
  • ALPN, server accepted to use h2
  • Server certificate:
  • subject: CN=xxxxxx
  • start date: Nov 13 18:24:12 2019 GMT
  • expire date: Feb 11 18:24:12 2020 GMT
  • subjectAltName: host “xxxxxx” matched cert’s “xxxxx”
  • issuer: C=US; O=Let’s Encrypt; CN=Let’s Encrypt Authority X3
  • SSL certificate verify ok.
  • Using HTTP2, server supports multi-use
  • Connection state changed (HTTP/2 confirmed)
  • Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
  • Using Stream ID: 1 (easy handle 0x7fd4fa007000)

OPTIONS /xxxxx HTTP/2
Host: xxxxxxx
User-Agent: curl/7.64.1
Accept: /

  • Connection state changed (MAX_CONCURRENT_STREAMS == 4294967295)!
    < HTTP/2 503
    < content-length: 95
    < content-type: text/plain
    < date: Tue, 26 Nov 2019 12:27:09 GMT
    < server: istio-envoy
    <
  • Connection #0 to host xx.xx.xxx.xxx.co left intact
    upstream connect error or disconnect/reset before headers. reset reason: connection termination* Closing connection 0

Any idea?

Sorry, I had to write this to find the issue :grin: was a typo on the port name: tpc instead of tcp.

Those are the best bug reports :slight_smile:

1 Like