Hello everybody.
I upgraded to Istio 1.4 from 1.3.5 and now im getting issues with OPTION requests thought https.
Now i’m getting 503 for all of them.
$ curl -v -X OPTIONS
https://xxxxx
- Trying xxxxxx…
- TCP_NODELAY set
- Connected to xxx.xxx.xxx.xxx.co (xxxxx) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- successfully set certificate verify locations:
- CAfile: /etc/ssl/cert.pem
CApath: none - TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
- ALPN, server accepted to use h2
- Server certificate:
- subject: CN=xxxxxx
- start date: Nov 13 18:24:12 2019 GMT
- expire date: Feb 11 18:24:12 2020 GMT
- subjectAltName: host “xxxxxx” matched cert’s “xxxxx”
- issuer: C=US; O=Let’s Encrypt; CN=Let’s Encrypt Authority X3
- SSL certificate verify ok.
- Using HTTP2, server supports multi-use
- Connection state changed (HTTP/2 confirmed)
- Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
- Using Stream ID: 1 (easy handle 0x7fd4fa007000)
OPTIONS /xxxxx HTTP/2
Host: xxxxxxx
User-Agent: curl/7.64.1
Accept: /
- Connection state changed (MAX_CONCURRENT_STREAMS == 4294967295)!
< HTTP/2 503
< content-length: 95
< content-type: text/plain
< date: Tue, 26 Nov 2019 12:27:09 GMT
< server: istio-envoy
< - Connection #0 to host xx.xx.xxx.xxx.co left intact
upstream connect error or disconnect/reset before headers. reset reason: connection termination* Closing connection 0
Any idea?
was a typo on the port name: tpc instead of tcp.