I’m still mystified and haven’t found anything in the trace level istio-proxy logs. I have a pod with a istio-proxy container and an alpine container.
The alpine container is making https calls to external URL. At some point this stops working and TLS handshake fails after
TLSv1.3 (OUT), TLS handshake, Client hello (1):.
I get this generic error from curl:
OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection
I don’t see any iptable rules blocking 443. Also port 80 works just fine so I know TCP packets are making it.
The only solution I have right now is doing
docker rm on the istio-proxy container and then immediately inside my alpine container SSL is working again.