Vault Server does not start if HA enabled and Istio mTLS in strict mode

Hi!

I am running into an Issue when deploying Vault using the Helm Chart and with HA enabled together with the Istio Mesh.

Previously I had Vault deployed in the cluster and was perfectly working with HA enabled. Lately, I have added Istio inside the Kubernetes cluster to enable mTLS with sidecar injection. However, if I add the strict mode from Istio to force all the connections be mTLS, Vault server pods do not start and I get the following error:

storage migration check error: error="Unexpected response code: 503"

Then if I check consul server I have this error:

 2020-11-28T13:03:04.156Z [ERROR] agent.server.memberlist.lan: memberlist: Push/Pull with kind-worker failed: EOF
2020-11-28T13:03:34.158Z [ERROR] agent.server.memberlist.lan: memberlist: Push/Pull with kind-worker2 failed: EOF
2020-11-28T13:05:34.171Z [ERROR] agent.server.memberlist.lan: memberlist: Push/Pull with kind-worker2 failed: EOF

If strict mode is not enabled then everything works. Do yo know how can I solve this issue with Vault so I can enable the mTLS strict mode?

Thanks in advance,

Marc