EJBCA can be used to issue certificates for Istio's mTLS.

Securing service mesh involves using Istio, an open-source service mesh platform, that comes with built-in support for mTLS to secure communication between services in a Kubernetes environment.
EJBCA can be used to issue certificates for Istio's mutual TLS (mTLS) authentication, providing secure and scalable certificate issuing. EJBCA allows you to start small and grow with flexibility as your certificate needs to change over time and to avoid using insecure self-signed certificates.
Learn how to use a service mesh to issue mutual TLS certificates with EJBCA running in Kubernetes.
Check out the supplementary documentation that goes hand-in-hand with our tutorial video.
Get your hands on the EJBCA Docker container by downloading it now from Docker Hub.
Take a peek at our YouTube playlist, and browse through some of our other tutorial videos as well.
You can ask your questions and learn from PKI specialists in the EJBCA forum on GitHub Discussions.


Bouncy Castle is one of the most widely used FIPS-certified open-source cryptographic APIs for Java and C#, allowing developers to integrate PKI security into their applications easily.