I have a pod A deployed with its own cert and key, the cert being issued from the same signing certificate which the mesh uses. The pod didn’t have the mesh sidecar. If I now want to configure mTLS connectivity between pods inside the mesh and this pod, I am trying to understand the simplest configuration that would work for me.
- A destination rule for the pod A, specifying ISTIO_MUTUAL as the TLS mode for the FQDN of the target service A.
Would I need any egress gateway and virtual service as well?
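
The destination rule described in the bullet above, written out as a manifest. This is an added example, not part of the original post; the resource name, namespace and host FQDN are placeholder assumptions.

```yaml
# Added example: all names are placeholders, not values from the post.
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: service-a-mtls              # hypothetical resource name
  namespace: namespace-a            # hypothetical namespace of service A
spec:
  # FQDN of the target service A (placeholder)
  host: service-a.namespace-a.svc.cluster.local
  trafficPolicy:
    tls:
      # Client-side sidecars originate mutual TLS to this host and present
      # the workload certificate that Istio issued to them.
      mode: ISTIO_MUTUAL
```

Because pod A has no sidecar, the TLS handshake terminates in pod A's own server, which has to request and validate the client certificate against the shared signing certificate itself.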