Learn how you can use the Gloo Mesh root trust policy to fully or partially manage the Istio CA lifecycle.
Learn how the Istio root, intermediate, and leaf certificates are rotated when you use the Gloo Mesh root trust policy.
Manage the entire Istio CA lifecycle
Use Gloo Mesh to fully manage the Istio root and intermediate CA lifecycle with self-signed root CA certificates.
Manage Istio intermediate CAs
Generate the root CA certificate and key, and configure Gloo Mesh to automatically derive intermediate CA certificates and keys from the root CA.
Integrate with Vault
Set up a Vault instance that stores the root CA certificate and key. Gloo Mesh then configures the Istio control plane to derive intermediate CA certificates and keys from the root CA in Vault.