Comment by nine_k

3 years ago

From my experience with developing gRPC-based microservices, I don't remember certificates being such a big deal.

Mount a filesystem subtree with them inside a container; problem basically solved.

This isn’t even wrong, however you’ve confused the access of certificates with their issuance, validity and rotation for a given runtime, which is OP’s point: it’s very complicated.

There are utilities like Let’s Encrypt and Kubernetes Cert Manager that make this somewhat easier by default if their defaults work for you. But the devil is in the details.