Do pods of the same deployment share the same certificate when using Istio mTLS

Question

When enabling mTLS in Istio, every pod of a given deployment has a certificate.

My question is: do pods of the same deployment share the same certificate or it's different for every pod?

Hi @mark009, does the answer from Rinor answer your question? If yes, please [consider accepting / up-voting it](https://stackoverflow.com/help/someone-answers). — Mikolaj S., Dec 29 '21 at 15:44

score 1 · Answer 1 · answered Dec 24 '21 at 19:39

1

It is a different certificate for every pod. But having different certificates doesn't matter as the information encoded into them is the same (the SPIFFE ID is encoded into them and for pods of the same deployment it is the same ID).

answered Dec 24 '21 at 19:39

Rinor

1,790
13
22

Do pods of the same deployment share the same certificate when using Istio mTLS

1 Answers1