See how to chain tools using HashiCorp Consul for service mesh, secrets from Vault, and certificates from EJBCA via Vault plugin.
PKI and mutual TLS (mTLS) certificates are now heavily relied on, but uncontrolled certificate issuance increases the risk of severe service outages or compliance issues. Organizations are trying to combine high-velocity operations and high availability with the need for high security, controls, and compliance. These sometimes-conflicting requirements can be very hard to reconcile, and the outcomes of the various approaches to balancing them are not crystal clear. But there are many roads that lead to Rome. You'll need several tools in your toolbox.
In this presentation you'll see how to combine a mature and compliant PKI with the automated, rapidly changing, multi-cloud deployments in modern DevOps. By using a HashiCorp Vault plugin for EJBCA PKI, which you'll see in a short demo, you can use the same efficient tool for managing certificates that you use for all other secrets, and the result is efficient, automated, secure, controlled, and compliant certificate issuance on a large scale. You'll also see how to chain tools using HashiCorp Consul for service mesh, secrets from Vault, and certificates from EJBCA.
Speaker: Tomas Gustavsson
Slides here: https://drive.google.com/file/d/1-7DfEl20a4Cd5zouzOshyASoUxo1gG_I/view