I am running istio1.2.7 opensource on GKE. I have mutual TLS enabled.
I recently added a dashboard microservice in a different namespace where istio is not enabled. my destination rule looks like this:
apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: labels: app: dashboard-frontend chart: dashboard-frontend-0.1.1 heritage: Tiller release: dashboard-frontend-cl-v1 name: dashboard-frontend-cl-v1 namespace: dashboard spec: host: dashboard-frontend-cl-v1 trafficPolicy: tls: mode: ISTIO_MUTUAL
Gateway is in a different namespace. I was getting 404 before but after adding namespace in “gateway” section of “virtualservice” I am getting 503 now and I can see in logs call is getting forwarded to correct kubernetes service.
In logs errors are like these:
“TLS error: 268435703:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER”
I have not configured any servicerole for this though. Is that is something I am missing here or something else ?