Redirect internal request to external ingressgateway directly towards it

:wave: I have the following endpoint docker.example.com which works fine - reachable (with ssl termination / sni).
Now I want that if an internal container calls docker.example.com that it won’t resolve the external ip address but rather directly the internal service ip from the istio-ingressgateway service (for valid tls termination). I tried it with a simple Virtual Service like

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: harbor-core-internal
spec:
  hosts:
  - docker.example.com
  http:
  - route:
    - destination:
        host: istio-ingressgateway.istio-system.svc.cluster.local

but this does not work. It still resolves the external ip. Any ideas?
Thanks a lot :cat2:

ps.:
I did this with another service - not directly to istio-ingressgateway and no tls/ssl this works.

Hi, can you elaborate on how you solved this?