Istio Ingress Gateway with Cert-Manager TLS

I am trying to deploy ingress gateway handling SSL certificates with Cert-Manager. I have followed the documentation at - however I can only connect to services using istio ingress through http and not https, getting connection refused to port 443. When inspecting istio ingressgateway I can see the following error:

[warning][config] [bazel-out/k8-opt/bin/external/envoy/source/common/config/_virtual_includes/grpc_mux_subscription_lib/common/config/grpc_mux_subscription_impl.h:77] gRPC config for rejected: Error adding/updating listener(s) Invalid path: sds

What did I miss?

What version of Istio are you running? You might be facing this issue:

I am running 1.1.10, and it seems to me that the linked issue is not affecting me (for now at least)