Skip to content

Distributed Issuer overview

Distributed Issuer (formerly known as Firefly) is a lightweight certificate issuer for Next-Gen Trust Security that delivers X.509 certificates at high speed and volume across Kubernetes, OpenShift, and other cloud-native environments.

Distributed Issuer provides the following key benefits:

  • Operates with no external dependencies as a standalone microservice that deploys on Kubernetes using Helm or on a Linux host using Docker.
  • Can manage all instances centrally through Next-Gen Trust Security where you configure CA trust, issuance policies, and runtime settings, and track issued certificates in the Next-Gen Trust Security user interface.
  • Serves certificates over gRPC or REST so clients can request X.509 certificates using standard protocols.
  • Supports HSM-protected signing keys and FIPS-compliant images for environments with strict security requirements.

By using Distributed Issuer, your organization can issue certificates locally at high speed while maintaining centralized policy control through Next-Gen Trust Security.

What's next?

To learn about installation options and prerequisites, see the installation overview. For details on current and past versions, see the releases page.