At LY Corporation, we operate a large-scale private cloud along with a Private CA, managing numerous TLS certificates in addition to those issued by Public CAs. Handling certificate expirations and renewals not only drives up operational costs, but also poses challenges due to the increased manual workload and heightened risk of human error. Consequently, establishing a more efficient certificate management ecosystem has become an urgent priority.
In this session, we will first present the current state of certificate management and the existing security measures in our private cloud. Next, we will showcase a case study on automating certificate renewal using cert-manager (Kubernetes), which has been tailored to our in-house ecosystem. Finally, we will discuss our vision for a future, automated certificate management infrastructure.
DAY 1
12:00-12:30 JST
Main Room B
JaEnKo
Streaming
Efficient Certificate Distribution Strategy in Private Cloud
Speaker
Tsurudo Ryosuke / LY Corporation
Infrastructure Group / Security Platform Division / Trust Technology Team
Security Engineer
Joined the former Yahoo Japan Corporation in 2023.
Develops, maintains, and operates internal certificate issuance systems and authentication/authorization systems that use certificates.
Yamaguchi Katsuya / LY Corporation
Infrastructure Group / Security Platform Division / Trust Technology Team
Since 2017, I have been involved in developing security infrastructures, key management systems, and building certificate management systems. As a team leader, I have led my team and aim to enhance the security of our private cloud.