Home
KUBE+
Unify DevOps and Security teams by managing certificates with a Kubernetes-native certificate lifecycle management solution.
KUBE+ User Guide
Integrating Istio with Custom CA

CERT+
Automate certificate lifecycle management including issuance, discovery, renewal, and deployment, across public and private trust CAs. Assess, prioritize, and plan your migration to quantum-safe encryption with the Quantum Trust Hub add-on module.
PKI+
Provision, govern and scale private trust certificates with a Post Quantum ready cloud based Enterprise PKI-as-a-Service.
SIGN+
Secure software, firmware, and containers with a comprehensive enterprise code signing solution.
SSH+
Control SSH access and key rotation at scale with an SSH key lifecycle management solution.
KUBE+
Unify DevOps and Security teams by managing certificates with a Kubernetes-native certificate lifecycle management solution.
- KUBE+ User Guide
- KUBE+ API Guide
- KUBE+ Upgrade Guide
  When migrating the AppViewX Compute cluster, it is necessary to upgrade the Cloud Connector and Cert Orchestrator to enable the latest KUBE+ features.
- KUBE+ as an EKS Addon - AWS Marketplace
DDI+
Manage domain registration, renewal, decommissioning, and other security controls with an end-to-end domain lifecycle management solution.
ADC+
Automate and orchestrate application delivery infrastructure at scale with an ADC lifecycle automation platform.
Platform
Manage policy and automation across all of the products and modules in the AVX ONE platform.
AppViewX Setup
Get detailed instructions for setting up AVX ONE in on-premises or SaaS deployments.
Release Artifacts
Review new features, fixes, and security advisories with official AppViewX release documentation.

Integrating Istio with Custom CA

AppViewX signer deployed in your cluster is now ready to sign all your service mesh application workload certificates from External Certificate Authority.

The Istio Service Mesh deployed in your cluster now needs to be reconfigured to enable Custom CA integration for provisioning workload certificates from External CA. Istio enables Custom CA integration using Kubernetes CSR API.

The root certificate for Custom CA in our case the Trust Certificate from EJBCA / Microsoft CA is loaded into the external ca secret configured in Signer Profile step. Refer to Custom CA integration steps in the Istio documentation to use the external CA secret.

Note: Change the Istio version accordingly in the URL to refer to the respective version of Istio deployed in your cluster.