Distributed Issuer Overview

Table of Contents

Reference: DNS SANS Injection and Replacement

Distributed Issuer Overview

Distributed Issuer (formerly known as Firefly) is a lightweight certificate issuer for Next-Gen Trust Security that delivers X.509 certificates at high speed and volume across Kubernetes, OpenShift, and other cloud-native environments.

Distributed Issuer provides the following key benefits:

Operates with no external dependencies as a standalone microservice that deploys on Kubernetes using Helm or on a Linux host using Docker.
Can manage all instances centrally through Next-Gen Trust Security where you configure CA trust, issuance policies, and runtime settings, and track issued certificates in the Next-Gen Trust Security user interface.
Serves certificates over gRPC or REST so clients can request X.509 certificates using standard protocols.
Supports HSM-protected signing keys and FIPS-compliant images for environments with strict security requirements.

By using Distributed Issuer, your organization can issue certificates locally at high speed while maintaining centralized policy control through Next-Gen Trust Security.

What's Next?

To learn how to complete pre-installation tasks in Next-Gen Trust Security and then install Distributed Issuer to your environment, see Getting Started with Distributed Issuer.

Reference: DNS SANS Injection and Replacement

Getting Started with Distributed Issuer

Next-Gen Trust Security Docs

Distributed Issuer Overview

Next-Gen Trust Security Docs

Distributed Issuer Overview

What's Next?

Activation and Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

FedRAMP

Hardware Reference

Hardware Quick Start Guides

Virtual ION Deployment

3rd Party Integrations

Prisma SD-WAN Experts Corner

Best Practices

Experts Corner

Resources

Network Security Platform