Pods become unreachable due to expired certificate


We are experiencing a problem where some of our pods become unreachable after running for a few days. To the other applications the error is simply a connection refused error. Enabling debug logs on envoy and going to the unreachable pod shows that whenever a request is made the following error happens:

TLS error: 268436501:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_EXPIRED

Restarting the pod seems to fix the issue for some time, until the error above happens again. This does not seem to be strictly related to the lifetime of the pod as we have some pods running for more than 27 days that are fine.

Do you have any idea of what could be causing this?