Certificate Expiration Disrupting mTLS

Envoy uses short-lived certificates (2-3 days default) for service mesh mTLS. When certificates expire before rotation, TLS handshake failures occur, breaking service-to-service communication with SSLV3_ALERT_CERTIFICATE_EXPIRED errors.

Envoy Proxy insight details requires a free account. Sign in with Google or GitHub to access the full knowledge base.