Tag: architecture
All PKI knowledge base pages tagged with "architecture".
- PKI Case Studies: Enterprise Certificate Automation at 15K-65K Scale — Real certificate management transformations at Vortex, Nexus, and Apex Capital. ROI calculations, lessons from production failures, and the patterns that worked (and didn't) when managing 15,000-65,000 certificates.
- Certificate Authority Architecture: Design Patterns for Enterprise PKI — Enterprise CA implementation guide. Architecture decisions, HSM integration, high availability design, and scaling certificate issuance infrastructure.
- Certificate-as-Code: Terraform, Kubernetes & GitOps for PKI Automation — Manage certificates like infrastructure code. Terraform ACM resources, cert-manager in Kubernetes, GitOps workflows with ArgoCD, and OPA policies that enforce certificate standards automatically.
- mTLS (Mutual TLS): Architecture, Configuration, and Troubleshooting — Engineer's guide to mutual TLS authentication. mTLS architecture, certificate requirements, Nginx/Envoy/HAProxy configuration, Kubernetes service mesh integration, client certificate troubleshooting, and common failure modes.
- Mutual TLS (mTLS): Implementation Patterns for Zero Trust Architecture — How to implement mTLS for service-to-service authentication. Certificate provisioning, client validation, service mesh integration, and troubleshooting handshake failures.
- Service Mesh Certificates: Istio, Linkerd & Consul mTLS Setup — Certificate management for service mesh. Automatic mTLS with Istio, Linkerd, and Consul Connect including custom CA integration and rotation strategies.
- Zero Trust PKI: Mutual TLS, SPIFFE & Certificate-Based Identity — Implement zero-trust architecture with certificates as the identity layer. Service mesh mTLS, SPIFFE workload identity, policy-based access control, and phased implementation from perimeter to zero-trust.