Hello,
I am running istio1.2.7 opensource on GKE. I have mutual TLS enabled.
I recently added a dashboard microservice in a different namespace where istio is not enabled. my destination rule looks like this:
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
labels:
app: dashboard-frontend
chart: dashboard-frontend-0.1.1
heritage: Tiller
release: dashboard-frontend-cl-v1
name: dashboard-frontend-cl-v1
namespace: dashboard
spec:
host: dashboard-frontend-cl-v1
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
Gateway is in a different namespace. I was getting 404 before but after adding namespace in “gateway” section of “virtualservice” I am getting 503 now and I can see in logs call is getting forwarded to correct kubernetes service.
In logs errors are like these:
“TLS error: 268435703:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER”
I have not configured any servicerole for this though. Is that is something I am missing here or something else ?