Trying to enable mTLS and following the certificate generation as in here: https://istio.io/latest/docs/tasks/security/cert-management/dns-cert/
but the generated secret/certificate doesn’t have the X509v3 Subject Alternative Name: field at all
Also, the generated secret has json with fields names as ‘cert-chain.pem’ and ‘key.pem’ for certificate and key respectively but the ingress gateway is expecting field names to be ‘tls.crt’ and ‘tls.key’ and is throwing an error when reading it :
warn secretfetcher failed load server cert/key pair from secret : server cert or private key is empty
Any help on these issues is much appreciated. Many thanks