mirror of https://github.com/istio/istio.io.git
696 B
696 B
| title | order | type |
|---|---|---|
| Is the secret encrypted for workload key and cert? | 125 | markdown |
{% include home.html %}
By default, they are base64 encoded but not encrypted. However, the secret encryption feature is supported in Kubernetes and you can do it by following the instruction.
Notice that this feature is not enabled yet in Google Container Enginer (GKE). While the data may not be encrypted inside the etcd running on the master node, the contents of the master node itself are encrypted, see here for more info.