I’m doing my masters’ thesis about Istio’s security and I haven’t found exactly which are the paths of the certificates and keys the sidecar and the CA authority use in the SDS bootstrapping, right before new ones are created through the SDS process. Are those default paths selected by Envoy or are they specified in the Istio source code? Are they under /etc/certs in both entities?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| SDS config for the SSL certs | 0 | 411 | September 11, 2019 | |
| Custom CA integration | 0 | 366 | September 9, 2022 | |
| Sidecar injection fails due to missing root certificate (x509: certificate signed by unknown authority) | 1 | 2840 | August 4, 2021 | |
| Other options than citadel for envoy sidecar certificate management for kubernetes case, such as cert-manager? | 3 | 1728 | March 30, 2019 | |
| Ingress/egress/sidecar proxies not running when using SDS in istio 1.5.0 | 5 | 4122 | June 12, 2020 |