Wondering how to set up an external CA (certificate authority) in Istio? In this video, I explain why it can be helpful to set up an external root certificate authority for your Istio service mesh, then walk through the setup process. The external CA used in this video is AWS Private CA. Certificate management in Istio is at the heart of issuing identities to workloads in the service mesh. It's what enables mTLS. After configuring AWS Private CA as the external root CA for Istio, I deploy workloads to test mTLS in the mesh.
#kubernetes #istio
Timestamps:
00:00 - Introduction
00:42 - Why Set Up an External Root CA in Istio?
01:45 - Workload Identities in Kubernetes with Service Accounts
02:14 - Certificate Signing Requests (CSR) in Istio with Istio CA
03:30 - Certificate Signing Requests (CSR) in Istio with External CA (AWS Private CA)
06:01 - Walk-through of components during installation and configuration with cert-manager and istio-csr
17:03 - Demo walk-through and mTLS test
GitHub Repository:
https://github.com/LukeMwila/how-to-setup-external-ca-in-istio
Other related videos:
How to Configure mTLS in Istio for Secure Kubernetes Workload Communication: https://youtu.be/DVgDVaWIMB8
Connect:
GitHub: https://github.com/LukeMwila
Twitter: https://twitter.com/LuKE9ine
Medium: https://medium.com/@outlier.developer
LinkedIn: https://www.linkedin.com/in/lukonde-mwila-25103345/