I am trying to implement TLS termination on Gateway for one application and on backend side for another.
Kubernetes 1.11(EKS) Istio 1.0.5
Following tasks from the documentation.
For TLS mode SIMPLE
For TLS mode PASSTHROUGH
Each of them separately works fine.
But if I an trying to deploy them both the second one reports error on attempt to connect.
The first looks the winner.
Tried to use the unique port names in Gateway and Server but it did not help as well.
Error for th esecond application looks like
curl -vvv https://whoami.mydomain.com * Trying 184.108.40.206… * TCP_NODELAY set * Connected to whoami.mydomain.com (220.127.116.11) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /usr/local/etc/openssl/cert.pem CApath: /usr/local/etc/openssl/certs * TLSv1.2 (OUT), TLS header, Certificate Status (22): * TLSv1.2 (OUT), TLS handshake, Client hello (1): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to whoami.mydomain.com:443 * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to whoami.mydomain.com:443
Any advice what I could miss in setup.