About Integrating Istio with Custom CA

AppViewX signer deployed in your cluster is now ready to sign all your service mesh application workload certificates from External Certificate Authority.

The Istio Service Mesh deployed in your cluster now needs to be reconfigured to enable Custom CA integration for provisioning workload certificates from External CA. Istio enables Custom CA integration using Kubernetes CSR API.

The root certificate for Custom CA in our case the Trust Certificate from EJBCA / Microsoft CA is loaded into the external ca secret configured in Signer Profile step. Refer to Custom CA integration steps in the Istio documentation to use the external ca secret.

Note: Change the Istio version accordingly in the URL to refer to the respective version of Istio deployed in your cluster.