NSS error -5961 (PR_CONNECT_RESET_ERROR) on Secure Gateway

Hi, I’m following the tutorial on here secure gateway to create a secure HTTPS routes for my services.

However, the curl command to the HTTPS url will result in NSS error -5961 (PR_CONNECT_RESET_ERROR) curl: (35) TCP connection reset by peer.

Is there anyone who experiencing the same issue?

Thank you

I got the same error. I use cert-manager to provide certificates (however that doesn’t seem to be the issue). After checking the istiod logs… I got:
warn ads failed to fetch key and certificate for kubernetes://xxxxxx-xxx-tls
It couldn’t find the certificate. So, I tried creating a certificate in the istio-system namespace (the secret gets created in the same namespace) and it worked.

So check if your secret was created in the same namespace, or try to look through the istiod logs for more information.