Istio - TLS issue when the sidecar is set

Hey,

I’ve installed Istio on a GKE cluster, with the minimal profile.

I’ve a service A and service B which already communicate via TLS (https), as soon as add the sidecar, service A can’t communicate with service B anymore, and I got TLS errors depending of the mTLS mode

mode: PERMISSIVE

transport: authentication handshake failed

mode: DISABLE

tls: first record does not look like a TLS handshake

When I try via curl

routines:ssl3_get_record:wrong version number

I probably miss some point, but I’m new to Istio and after many days of debug, I’ve no more ideas.

Maybe an important point, the certificated used by my services isn’t signed by a public root certificate (self-signed)

Just found the issue

My port was named grpc and not tls-*