EdgeCA is an ephemeral, in-memory CA providing service mesh machine identities. It automates the management and issuance of TLS certificates. It can run in three modes - with a self-certificated Root CA certificate, using an user-provided Root CA certificate or connect to Venafi to retrieve an issuing certificate.
It solves the many limitations of the embedded service mesh CAs by providing developers a fast, easy, and integrated source of machine identities whilst also providing security teams with the required policy and oversight.
It also enables ephemeral certificate-based authorization, which reduces the need for permanent access credentials, explicit access revocation or traditional SSH key management.