How to Disable TLS Verification for a HTTPS Backend #5927
-
|
Hi, We are working on migrating from Istio to Envoy Gateway, and one setting that I am struggling to find a translation to is how to configure HTTPS/TLS to the backend service, but to disable TLS verification. I've found the docs on Backend TLS, but don't see anything on how to disable TLS verification. In our use-case, we don't care to validate, but the backend only serves traffic on a TLS enabled server. In Istio, we configured a DestinationRule that contained the following spec:
host: {{ include "chart.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
trafficPolicy:
portLevelSettings:
- port:
number: {{ .Values.myapp.port}}
tls:
mode: SIMPLE
insecureSkipVerify: trueI was able to find this GH issue comment which is leading me to believe this isn't supported yet. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
yeah #4595 should solve this, will add it to the v1.5 milestone (July 2025 release), for now there's a workaround mentioned in the issue |
Beta Was this translation helpful? Give feedback.
-
|
For anyone that lands here via a search, it appears this change was merged recently in 6222 |
Beta Was this translation helpful? Give feedback.
yeah #4595 should solve this, will add it to the v1.5 milestone (July 2025 release), for now there's a workaround mentioned in the issue