Open Source Startup Podcast avatar

Dexa/Open Source Startup Podcast

Learn more
Published Dec 9, 2022

E67: Automated Certificate Management with Smallstep

Explore the transformative journey of Smallstep, as Mike Malone delves into lean team management, the strategic evolution of their open-source certificate management into a managed product, and the pioneering automation infused into DevOps infrastructure solutions.
Episode Highlights
Open Source Startup Podcast logo

Topics covered

Popular Clips

Episode Highlights

  • Automation Evolution

    The evolution of automation in DevOps has significantly transformed infrastructure solutions, with Smallstep leading the charge. explains that automation in certificate management is distinct due to the unique lifecycle of certificates, which often differ from the components they secure 1. This necessitates deeper integration with existing automation tools like Puppet, Chef, and Kubernetes operators. notes, "For certificates, you need to go a little bit deeper because these things don't sort of follow the lifecycle of the other components."

    For certificates, you need to go a little bit deeper because these things don't sort of follow the lifecycle of the other components.

    ---

    The journey of Smallstep began with an open-source project, which highlights as a unique approach compared to other open-core companies 2.

       

    Certificates and Automation

    Automating certificate management in DevOps environments presents specific challenges that Smallstep addresses effectively. emphasizes the importance of certificate lifecycle management as a separate process due to the ephemeral nature of modern infrastructure components 1. This complexity requires a tailored approach to automation, integrating with tools like Ansible and Terraform. states, "Certificate management is a special discipline. It's challenging and importantly there the core infrastructure to do certificate management for the sorts of environments and users that we were focused on for cloud native DevOps just didn't exist."

    Certificate management is a special discipline. It's challenging and importantly there the core infrastructure to do certificate management for the sorts of environments and users that we were focused on for cloud native DevOps just didn't exist.

    ---

    The open-source journey of Smallstep, as described by , involved building from scratch to meet the ecosystem's needs, focusing on authentication and security protocols like TLS 2.

Related Episodes