Mesh Gateways on Kubernetes x509 - cannot register service


I am trying to set up consul mesh on Kubernetes. I followed this guide:

My tls configuration looks like this:

    enabled: true
    verify: true
    httpsOnly: true
    enableAutoEncrypt: true
    serverAdditionalDNSSANs: ["myserver.test"]
    serverAdditionalIPSANs: [""]
    caCert:
      secretName: consul-ca-cert
      secretKey: tls.crt
    caKey:
      secretName: consul-ca-key
      secretKey: tls.key

I created the secrets by creating a CA crt using the consul CLI on my workstation.

When I install using helm the Mesh Gateways return this error in logs:

    Error registering service "mesh-gateway": Put "": x509: certificate signed by unknown authority

What did I get wrong in this procedure?

To provide more details on this one, when I exec into the server pods, I can see that the /consul/tls/ca/tls.crt and /consul/tls/server/tls.crt certificates are valid, but they are not the ones being returned when I make a request to the
Any help?

Because enableAutoEncrypt is set, the Consul clients actually use a different CA than the Consul servers. There should be an init container that runs in the mesh gateway pods that adds the correct Consul client CA cert into a shared volume (consul-helm/mesh-gateway-deployment.yaml at master · hashicorp/consul-helm · GitHub).

Can you share your other Helm config?