6 Securing east/west traffic with certificates

This chapter covers

Generating keys/certificates and securing microservices with mTLS
Challenges in provisioning certificates, bootstrapping trust, and revoking certificates

In chapters 3, 4, and 5, we discussed how to expose and secure a microservice as an API via an API gateway and to apply other quality-of-service features such as throttling and monitoring. That’s all part of the edge security in a typical microservices deployment. Edge security deals with authenticating and authorizing the end user, which is a system accessing a microservice on behalf of a human user or another system. When the security screening at the edge is completed, the end-user context is passed to the upstream microservices. ...

Get Microservices Security in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microservices Security in Action by Prabath Siriwardena, Wajjakkara Kankanamge Anthony Nuwan Dias

6 Securing east/west traffic with certificates

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly