on Kiali, we are willing to show more information about Certificate management within the console.
The first step would be to show information related the certificate management at service mesh level, instead of ingress level or workload level.
As far as I know, there are three different ways to provide certificates to Istio :
- Istio (citadel) provides the CA.
- Plugging in existent CA.
- Using Chiron with K8s APIs.
From community perspective, which information would be valuable for you to better understand your mesh?
For example, show if your CA is created at installation time or plugged in? Expiration time of that CA, for you to be aware when you have to renew that cert? Perhaps listing all the dnsNames managed by Chiron? Is it helping to have the workload TTL visible?
What do you think?
Thank you very much,