Consul helm tls verify_server_hostname problems

Hello, I’m trying to enable TLS on K8S using the consul-helm chart but run into problems when enabling verify_server_hostname, it looks like Consul is checking the IP address of the server connecting and as we are using cluster IPs these are not known in advanced so we cannot add it to the Subject alternative names, the hostnames and the service names are present on the SAN. Is there something I’m missing? When disabling verify_server_hostname everything works fine but I’d like to be able to have it as secured as on a VM.