I don’t fully understand why we can set some tls settings in the destination rule.
According to the documentation:
[...]authentication policies apply to requests that a service receives. To specify client-side authentication rules in mutual TLS, you need to specify the TLSSettings in the DestinationRule. You can find more information in our TLS settings reference docs.
Is it possible to have an example requiring to have TLS settings in the PeerAuthentication and in the destination rule?
I ran the following test: I set an PeerAuthentication with mtls to strict for a whole namespace. Then, I could set any values in destination rule for the DestinationRule, it won’t change anything since the service requires to have mtls on both side.
Thanks for your help,