Install Trust Domain Server

Trust Domain Servers can be self-hosted within your own infrastructure to issue workload identities. A self-hosted Trust Domain Server enables additional features and integrations.

📄️Architecture, Prerequisites, and Process

Architecture overview, requirements, and steps.

📄️Register SPIFFE Trust Domain

Register a self-hosted trust domain.

📄️Deploy Trust Domain Servers

Install Trust Domain Servers via Helm.

📄️Verifying Trust Domain Servers Connectivity

Confirm servers are connected to the control plane.

📄️Register Cluster with Trust Domain Server

Register a cluster with the trust domain.

📄️Deploy Defakto Agent

Deploy the agent to start issuing identities.

📄️Verify SPIFFE Workload API and SVID Issuance

Confirm workloads can retrieve SVIDs.

📄️Server Key Rotation

Automatic signing key rotation behavior.

📄️Logging

Configure and interpret server log output.