Public preview: Istio add-on for AKS now supports plug-in certificate authority (CA)

0
102
VMware CEO tells enterprises to become 'cloud-smart' to speed up pace of digital transformation

Source is Azure Business News

In the Istio-based service mesh add-on (currently in public preview) for Azure Kubernetes Service, by default the Istio certificate authority (CA) generates a self-signed root certificate and key and uses them to sign the workload certificates.

To protect the root CA key, you should use a root CA, which runs on a secure machine offline. You can use the root CA to issue intermediate certificates to the Istio CAs that run in each cluster.

The Istio add-on now allows you to bring your own certificates and keys for Istio CA. An Istio CA can sign workload certificates using the administrator-specified certificate and key and distribute an administrator-specified root certificate to the workloads as the root of trust.

https://aka.ms/asm-plugin-ca

Source is Azure Business News

Vorig artikelGeneral availability: PgAudit in Azure Cosmos DB for PostgreSQL
Volgend artikelPublic preview: Upgrade support in Istio add-on for AKS