Server

Server certificate inventory is where all the server certificates with the EKU (Extended/enhanced Key Usage) Server authentication will be present.

In this release, renewals and regenerations of the server certificates are only supported through the Cert-Orchestrator, which is part of the in-cluster component of KUBE+.

The following table describes the options available on the server certificate inventory page:

Ingress Certificates

Certificates discovered from Kubernetes secrets and secrets associated with Kubernetes ingresses are classified as Ingress certificates.

Infrastructure Certificates

Certificates discovered from Kubernetes control plane components via feature gate “Discover K8’s Infra Certificates” are classified as Infrastructure certificates.

ServiceMesh

KUBE+ provides the feature gate to secure pod-pod communication in a Kubernetes service mesh infrastructure with mTLS certificates signed by Enterprise PKI. If the feature gate “Enable mTLS certificates for Service Mesh” is enabled the mTLS certificates signed by AppViewX will be classified as Service Mesh certificates.

Others

Certificates discovered from Kubernetes secrets and not associated with any ingress (or) which does not classify into any of the above categories will be classified as Other certificates.