# No caCertificates when mode is mutual at destination level | |
apiVersion: networking.istio.io/v1alpha3 | |
kind: DestinationRule | |
metadata: | |
name: db-mtls | |
spec: | |
host: mydbserver.prod.svc.cluster.local | |
trafficPolicy: | |
tls: | |
mode: MUTUAL | |
clientCertificate: /etc/certs/myclientcert.pem | |
privateKey: /etc/certs/client_private_key.pem |