![CNCF [Cloud Native Computing Foundation]](https://www.classcentral.com/cdn-cgi/image/height=60,format=auto,quality=85/images/logos/institutions/cncf-cloud-native-computing-foundation-hz.png){kind=small}
Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
This conference talk explores how Shopify automates mutual TLS (mTLS) across thousands of services to implement zero trust architecture at scale. Learn how the Shopify team addresses critical certificate management challenges including rotation without interruption, renewal failures, and cross-cluster distribution. The presenters share their evolution from custom admission controllers to versatile patterns that work across both Kubernetes and non-Kubernetes environments, including techniques for mounting CA certificates at container startup with periodic Cronjob renewals. Discover practical code examples for implementing resilient rotation mechanisms, graceful certificate rollover, and proper RBAC configurations. Gain valuable insights into monitoring certificate lifecycles and troubleshooting common failure modes that will help you scale mTLS in your own environment.
