Lab 8: TLS error is different under Istio v1.5

Question

Lab 8: TLS error is different under Istio v1.5

leecalcote opened this issue 4 years ago · 1 comments

The error output is no longer:

curl: (35) gnutls_handshake() failed: Handshake failed

Answer 1 · 2020-04-07T14:42:00.000Z

The error is :
curl: (7) Failed to connect to details port 9080: Connection timed out
when in PERMISSIVE mode with PeerAuthentication set

the error output when no certificates are present:

curl: (16) SSL_write() returned SYSCALL, errno = 104

Command to run to set PeerAuthentication:-

kubectl apply -f - <<EOF
apiVersion: "security.istio.io/v1beta1"
kind: "PeerAuthentication"
metadata:
  name: "default"
spec:
  mtls:
    mode: STRICT
EOF