...
OAuth-config controller
ISTIO-CA-Cert controller
This controller runs as a micro-service exposing API's. This controller will generate intermediate CA key for each edge which is signed by an root or intermediate key. The controller comes up and register's with DCM and brings up the backend with given root or intermediate key. Updates the database with bundle containing signed intermediate key, cert and chain. This bundle is later used to configure Citadel to bring up with intermediate key and cert and chain for issuing workload certs.
Internal Design details
Guidelines that need to kept in mind
...