Skip to content

Distributed Issuer overview

Distributed Issuer (formerly known as Firefly) is a lightweight certificate issuer for Next-Gen Trust Security (NGTS) that delivers X.509 certificates at high speed and volume across Kubernetes, OpenShift, and other cloud-native environments.

Distributed Issuer provides the following key benefits:

  • Operates with no external dependencies as a standalone microservice that deploys on Kubernetes using Helm or on a Linux host using Docker.
  • Can manage all instances centrally through NGTS where you configure CA trust, issuance policies, and runtime settings, and track issued certificates in the NGTS user interface.
  • Serves certificates over gRPC or REST so clients can request X.509 certificates using standard protocols.
  • Supports HSM-protected signing keys and FIPS-compliant images for environments with strict security requirements.

By using Distributed Issuer, your organization can issue certificates locally at high speed while maintaining centralized policy control through NGTS.

What's next?

To learn about installation options and prerequisites, see the installation overview. For details on current and past versions, see the releases page.