At the moment the encryption between services happens opportunistically.
Now, let’s say we have Linkerd enabled with mTLS working all over, and we use our own CA, i.e. not one generated by Linkerd.
We have a service running somewhere (not K8s) which uses SSL authentication and the same CA, it has a valid cert, …
When my internal service connects with that external service I’m assuming it will not pass Linkerd, and it will not be proxied, as the target is not proxy-able.
Now, can we simplify these CA certificate deployments with Linkerd?
Or is this something we have to do ourselves next to having Linkerd doing the automatic proxy creation?