In chapter 6, we discussed the challenges in key management, including key provisioning, trust bootstrapping, certificate revocation, key rotation, and key usage monitoring. In a typical microservices deployment, each microservice is provisioned with a key pair. In chapter 6, you did that by manually copying Java keystore files to the Order Processing and Inventory microservices.

Doing things manually is not a neat approach in a microservices deployment with hundreds of services, however--everything must be automated.1 Ideally, during the CI/CD pipeline, the keys should be generated and provisioned to the microservices. In chapter 11, we discussed how to deploy and secure microservices ...