{"id":835106,"date":"2023-05-16T08:43:00","date_gmt":"2023-05-16T08:43:00","guid":{"rendered":"https:\/\/www.capgemini.com\/no-no\/?p=835106"},"modified":"2025-03-20T04:22:02","modified_gmt":"2025-03-20T04:22:02","slug":"using-ssl-tls-certificates-from-azure-key-vault-in-kubernetes-pods","status":"publish","type":"post","link":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","title":{"rendered":"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods"},"content":{"rendered":"\n<header class=\"wp-block-cg-blocks-hero-blogs header-hero-blogs\"><div class=\"container\"><div class=\"hero-blogs\"><div class=\"hero-blogs-content-wrapper\"><div class=\"row\"><div class=\"col-12\"><div class=\"header-title\"><h1>Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods<\/h1><\/div><\/div><\/div><\/div><div class=\"hero-blogs-bottom\"><div class=\"header-author\"><div class=\"author-img\"><img decoding=\"async\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2022\/11\/Eugene-Romero.jpg?w=720?w=200&amp;quality=10\" alt=\"\" loading=\"lazy\"\/><\/div><div class=\"author-name-date\"><h5 class=\"author-name\">Eugene Romero<\/h5><h5 class=\"blog-date\">16 May 2023<\/h5><\/div><\/div><div class=\"brand-image\"> <\/div><\/div><\/div><\/div><\/header>\n\n\n\n<section class=\"wp-block-cg-blocks-group undefined section section--article-content\"><div class=\"article-main-content\"><div class=\"container\"><div class=\"row\"><div class=\"col-12 col-md-1\"><nav class=\"article-social\"><ul class=\"social-nav\"><li class=\"ip-order-fb\"><a href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https:\/\/www.capgemini.com\/no-no\/?p=835106\" target=\"_blank\" rel=\"noopener noreferrer\" title=\"opens in a new window\"><i aria-hidden=\"true\" class=\"icon-fb\"><\/i><span class=\"sr-only\">Facebook<\/span><\/a><\/li><li class=\"ip-order-tw\"><a href=\"https:\/\/twitter.com\/intent\/tweet?url=https:\/\/www.capgemini.com\/no-no\/?p=835106&amp;text=\" target=\"_blank\" rel=\"noopener noreferrer\" title=\"opens in a new window\"><i aria-hidden=\"true\" class=\"icon-tw\"><\/i><span class=\"sr-only\">Twitter<\/span><\/a><\/li><li class=\"ip-order-li\"><a href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https:\/\/www.capgemini.com\/no-no\/?p=835106&amp;text=\" target=\"_blank\" rel=\"noopener noreferrer\" title=\"opens in a new window\"><i aria-hidden=\"true\" class=\"icon-li\"><\/i><span class=\"sr-only\">Linkedin<\/span><\/a><\/li><\/ul><\/nav><\/div><div class=\"col-12 col-md-11 col-lg-10\"><div class=\"article-text article-quote-text\">\n<h3 class=\"wp-block-heading\" id=\"h-how-to-make-kubernetes-pods-trust-internal-https-services\">How to make Kubernetes pods trust internal HTTPS services. <\/h3>\n\n\n\n<p><strong>NOTE: This post builds upon my previous post&nbsp;<a href=\"https:\/\/damn.engineer\/2022\/01\/31\/azure-keyvault-to-kubernetes\" target=\"_blank\" rel=\"noreferrer noopener\">Accessing Azure Key Vault secrets from Kubernetes<\/a>, and assumes understanding of the subject discussed there.<\/strong><\/p>\n\n\n\n<p id=\"94f4\">A common task I face as a DevOps engineer has to do with injecting TLS (formerly SSL) certificates into an application or service. Why would this be needed? There can be many reasons, although by far the one I\u2019ve encountered most, has to do with internal TLS certificates.<\/p>\n\n\n\n<p id=\"de5f\">Most medium-to-large enterprises use internal TLS certificates to authenticate internal connections. By&nbsp;<em>internal<\/em>, I mean certificates which have not been obtained from a known Certificate Signing Authority, but instead, have been locally generated, for use by internal applications. This model requires that any client or user attempting to connect have a&nbsp;<a href=\"https:\/\/stackoverflow.com\/a\/61422058\/4441002\" target=\"_blank\" rel=\"noreferrer noopener\">\u201cCertificate Authority Certificate\u201d<\/a>&nbsp;installed, which makes the system trust certificates generated by that particular (internally created, and unique to the organization) Certificate Authority.<\/p>\n\n\n\n<p id=\"7501\">For example, an organization might have an internal log sink\/aggregator which accepts connections over HTTPS. If this sink is only available within the internal network, its TLS certificate will probably have been generated in-house. Now, imagine a microservice running in Kubernetes needs to send logs to this sink. How can we make the Kubernetes pod trust the internal Certificate Authority, so that connections to the log sink are properly secured?<\/p>\n\n\n\n<p id=\"47e7\">Although there are probably a few different ways of achieving this result, this is one that I have used which has worked well for me, and does not require any additional helper tools\/sidecar containers\/etc.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"676f\">Requirements<\/h3>\n\n\n\n<p id=\"5ad4\">To start off, the CA certificate to be installed in the microservice should be stored in an Azure Key Vault. For simplicity, I will assume that this certificate has been saved as a&nbsp;secret. This method should also work if it has been saved as a&nbsp;certificate, although the syntax might be different. Refer to the&nbsp;<a href=\"https:\/\/azure.github.io\/secrets-store-csi-driver-provider-azure\/docs\/configurations\/getting-certs-and-keys\/\" target=\"_blank\" rel=\"noreferrer noopener\">documentation<\/a>&nbsp;for more information on how to reference the saved cert.<\/p>\n\n\n\n<p id=\"3a75\">Next, our Kubernetes cluster should already have the Kubernetes Secrets Store CSI Driver set up. For instructions on how to do that, check my&nbsp;<a href=\"https:\/\/damn.engineer\/2022\/01\/31\/azure-keyvault-to-kubernetes\" rel=\"noreferrer noopener\" target=\"_blank\">previous post<\/a>&nbsp;on the subject.<\/p>\n\n\n\n<p id=\"1ad0\">The certificate to be used should be in a format that our microservice understands. Since I am using Linux-based microservices, I need to make sure my cert is available as a PEM\/CRT file.<\/p>\n\n\n\n<p id=\"248e\">Finally, I am going to assume our microservice is based on some flavor of Debian. If it isn\u2019t, the location to mount the certificate or the command to be run might be slightly different. Refer to your distribution\u2019s docs for specific instructions on how to update the local certificate store.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"8059\">Querying the certificate<\/h3>\n\n\n\n<p id=\"59c6\">The certificate can be queried in the same way as any other key vault object. One thing to notice is that we do not create a Kubernetes secret from the Azure secret (notice the missing&nbsp;spec.secretObjects&nbsp;section):<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1023\" height=\"476\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-first.png\" alt=\"\" class=\"wp-image-835298\" srcset=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-first.png 1023w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-first.png?resize=300,140 300w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-first.png?resize=768,357 768w\" sizes=\"auto, (max-width: 1023px) 100vw, 1023px\" \/><\/figure>\n\n\n\n<p id=\"1e8f\">The secret should now be available for use in our cluster.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"f14b\">Mounting the certificate in our microservice<\/h3>\n\n\n\n<p id=\"2172\">With the cert now available, we can use the&nbsp;volume&nbsp;functionality in Kubernetes to mount it in our pod. First, we need to declare our secrets provider as an eligible volume:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1023\" height=\"392\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-2.png\" alt=\"\" class=\"wp-image-835290\" srcset=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-2.png 1023w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-2.png?resize=300,115 300w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-2.png?resize=768,294 768w\" sizes=\"auto, (max-width: 1023px) 100vw, 1023px\" \/><\/figure>\n\n\n\n<p>With that out of the way, we should then mount the secret as a file in our pod. This uses a little trick found in the&nbsp;volumeMounts&nbsp;functionality of Kubernetes, where a single file can be mounted&nbsp;<em>into<\/em>&nbsp;a directory, instead of mounting&nbsp;<em>on top<\/em>&nbsp;of a directory and overriding its contents. To achieve this, we use the full path of the mounted file, and use the&nbsp;subPath&nbsp;field to indicate the specific file in the volume we wish to mount. In this case, the&nbsp;subPath&nbsp;should match the name of the secret we are querying with our&nbsp;SecretProviderClass:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1023\" height=\"392\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-4.png?w=960\" alt=\"\" class=\"wp-image-835292\" srcset=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-4.png 1023w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-4.png?resize=300,115 300w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-4.png?resize=768,294 768w\" sizes=\"auto, (max-width: 1023px) 100vw, 1023px\" \/><\/figure>\n\n\n\n<p id=\"b2c6\">With this, the certificate will be available as a file in our pod. However, most Linux-based systems do not just use whatever files are in that folder at any given moment. Instead, the system needs to be told to update the local certificate store, which is built from whatever files are in that directory. We will do that in the next step.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"f5e1\">Updating the certificate store<\/h3>\n\n\n\n<p id=\"f7b6\">To update the microservice\u2019s certificate store, we use the&nbsp;update-ca-certificates&nbsp;command. To make sure that our new cert is available for our service from the moment it starts up, we can run this command as part of a&nbsp;spec.containers.lifecycle.postStart&nbsp;instruction. PostStart events are sent immediately after a container is started, which means that our command will be run as soon as possible. Additionally, since volume mounts are performed&nbsp;<em>before<\/em>&nbsp;startup, we can be sure that our cert will be ready to be included in the local certificate store:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1023\" height=\"169\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-5.png\" alt=\"\" class=\"wp-image-835293\" srcset=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-5.png 1023w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-5.png?resize=300,50 300w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-5.png?resize=768,127 768w\" sizes=\"auto, (max-width: 1023px) 100vw, 1023px\" \/><\/figure>\n\n\n\n<p>This is the last piece of the puzzle. Putting it all together, our pod deployment should look like this:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"928\" height=\"757\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-6.png\" alt=\"\" class=\"wp-image-835294\" srcset=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-6.png 928w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-6.png?resize=300,245 300w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-6.png?resize=768,626 768w\" sizes=\"auto, (max-width: 928px) 100vw, 928px\" \/><\/figure>\n\n\n\n<p id=\"f7e8\">At this point, our service should be able to perform HTTPS calls to any other internal services using the same CA provider.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"ab43\">Verifying<\/h3>\n\n\n\n<p id=\"40aa\">To verify if our certificate is indeed working, we can exec into our pod:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"928\" height=\"79\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-7.png\" alt=\"\" class=\"wp-image-835295\" srcset=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-7.png 928w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-7.png?resize=300,26 300w, https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/banner-7.png?resize=768,65 768w\" sizes=\"auto, (max-width: 928px) 100vw, 928px\" \/><\/figure>\n\n\n\n<p>Once inside, we can try&nbsp;curling into a known internal service:<\/p>\n\n\n\n<p>curl <a href=\"https:\/\/internalsite.mycompany.local\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/internalsite.mycompany.local<\/a><\/p>\n\n\n\n<p>If the CA certificate has been set up correctly,&nbsp;curl&nbsp;should be able to successfully connect to the HTTPS service without complaining about insecure certificates.<\/p>\n<\/div><\/div><\/div><\/div><\/div><\/section>\n\n\n\n<section class=\"wp-block-cg-blocks-wrapper-people-slider section section--expert-slider wrapper-people-slider undefined\"><div class=\"container\"><div class=\"content-title\"><h3 data-maxlength=\"34\">Meet our Expert<\/h3><\/div><\/div><div class=\"slider slider-boxed\"><div class=\"container\"><div class=\"slider-window\"><div class=\"slider-list\">\n\t\t<div class=\"slide\">\n\t\t\t<div class=\"box\">\n\t\t\t\t<div class=\"row\">\n\t\t\t\t\t<div class=\"col-md-6 col-lg-4 box-img-wrapper\">\n\t\t\t\t\t\t<img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2022\/11\/Eugene-Romero.jpg\" alt=\"Eugene Romero\"\/>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t<div class=\"col-md-6 col-lg-8 box-inner\">\n\t\t\t\t\t\t<div class=\"row title-social-media-header\">\n\t\t\t\t\t\t\t<div class=\"col-md-12 col-lg-6 mbl-social-icon\">\n\t\t\t\t\t\t\t\t<ul class=\"social-nav\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t\t\t<a class=\"subnav-button--form\" href=\"javascript:void(0)\" aria-label=\"contact us\" data-bs-toggle=\"modal\" data-bs-target=\"#WPB3856b85e_7f11_4041_9c67_89f3e7cc97c2\" data-bs-expert-title=\"1\">\n\t\t\t\t\t\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"ico-form\"><\/i>\n\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a aria-label=\"Linkedin\" target=\"_blank\" title=\"Opens in a new window\" href=\"https:\/\/www.linkedin.com\/in\/eugeneromero\/\"><i aria-hidden=\"true\" class=\"icon-li\"><\/i><\/a><\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<div class=\"col-md-12 col-lg-6 box-container\">\n\t\t\t\t\t\t\t\t<div class=\"box-title\">\n\t\t\t\t\t\t\t\t\t<h3 class=\"people-profile-title\">Eugene Romero<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span>Managing Cloud Advisor<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<div class=\"col-md-12 col-lg-6 social-box-container dkt-social-icon\">\n\t\t\t\t\t\t\t\t<ul class=\"social-nav\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t\t\t<a class=\"subnav-button--form\" href=\"javascript:void(0)\" aria-label=\"contact us\" data-bs-toggle=\"modal\" data-bs-target=\"#WPB3856b85e_7f11_4041_9c67_89f3e7cc97c2\" data-bs-expert-title=\"Eugene Romero\">\n\t\t\t\t\t\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"ico-form\"><\/i>\n\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a aria-label=\"Linkedin\" target=\"_blank\" title=\"Opens in a new window\" href=\"https:\/\/www.linkedin.com\/in\/eugeneromero\/\"><i aria-hidden=\"true\" class=\"icon-li\"><\/i><\/a><\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"people-info\">As a Managing Cloud Advisor, I help clients reach their business goals by leveraging modern technologies and ways of working. I believe in moving away from manual processes, automating every step of an application&#8217;s lifecycle to minimize time-to-market and maximize profits.<\/div>\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t\t\t\t\t<div class=\"modal\" id=\"WPB3856b85e_7f11_4041_9c67_89f3e7cc97c2\">\n\t\t\t\t\t<div class=\"modal-dialog modal-dialog-centered modal-lg modal-dialog-scrollable landing-page-modals\">\n\t\t\t\t\t\t<div class=\"modal-content\">\n\t\t\t\t\t\t\t<div class=\"modal-header\">\n\t\t\t\t\t\t\t\t<button type=\"button\" class=\"btn-close\" aria-label=\"close\" data-bs-dismiss=\"modal\"><\/button>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<div class=\"modal-body\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"logo-wrapper\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/themes\/capgemini2025\/assets\/images\/logo.svg\"\n\t\t\t\t\t\t\t\t\t\talt=\"Connect with us\" class=\"light\" \/>\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/themes\/capgemini2025\/assets\/images\/logo-white.svg\"\n\t\t\t\t\t\t\t\t\t\talt=\"Connect with us\" class=\"dark\" \/>\n\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h4 class=\"form-title\">Connect with us<\/h4>\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t<div class=\"mf_forms__container \">\n\t\t\t\t\t\t\t\t<form id=\"mf_form_344241_1308671672\" class=\"mf_form__form row needs-validation\" action=\"\" method=\"post\" enctype=\"multipart\/form-data\" data-nosnippet>\n\n\t\t\t\t<div class=\"mf-field-wrapper form-floating col-sm-12\"><input type=\"text\" class=\"form-control\" id=\"_mf_344241_8430_1931225213\" name=\"_mf_344241_8430\" placeholder=\"First Name\" required \/><label for=\"_mf_344241_8430_1931225213\" class=\"form-label\">First Name <span class=\"star-required\">*<\/span><\/label><div class=\"invalid-feedback-frm\" role=\"alert\">First Name is not valid.<\/div><\/div><div class=\"mf-field-wrapper form-floating col-sm-12\"><input type=\"text\" class=\"form-control\" id=\"_mf_344241_7950_265863958\" name=\"_mf_344241_7950\" placeholder=\"Last Name\" required \/><label for=\"_mf_344241_7950_265863958\" class=\"form-label\">Last Name <span class=\"star-required\">*<\/span><\/label><div class=\"invalid-feedback-frm\" role=\"alert\">Last Name is not valid.<\/div><\/div><div class=\"mf-field-wrapper form-floating col-sm-12\"><input type=\"email\" class=\"form-control\" id=\"_mf_344241_6828_17115631\" name=\"_mf_344241_6828\" placeholder=\"Email\" required \/><label for=\"_mf_344241_6828_17115631\" class=\"form-label\">Email <span class=\"star-required\">*<\/span><\/label><div class=\"invalid-feedback-frm\" role=\"alert\">Email is not valid.<\/div><\/div><div class=\"mf-field-wrapper form-floating col-sm-12\"><input type=\"text\" class=\"form-control\" id=\"_mf_344241_448_3937307350\" name=\"_mf_344241_448\" placeholder=\"Company\" required \/><label for=\"_mf_344241_448_3937307350\" class=\"form-label\">Company <span class=\"star-required\">*<\/span><\/label><div class=\"invalid-feedback-frm\" role=\"alert\">Company is not valid.<\/div><\/div>\t\t<div class=\"mf_field mf_field--country mf_field--select floating form-country-select-parent mf-required\">\n\n\t\t\t<label for=\"_mf_344241_7028_2474003972\" class=\"floating__label form-country-select-label\" data-content=\"Country\">\n\t\t\t\t<span class=\"floating-label-content\">Country<\/span>\n\t\t\t<\/label>\n\n\t\t\t<div class=\"select-wrap\">\n<i class=\"icon icon-zodiak-chevron-down\"><\/i>\n\t\t\t\t<select id=\"_mf_344241_7028_2474003972\" class=\"mf_field__input empty mf-country-selectbox form_country_select\" name=\"_mf_344241_7028\" data-validate=\"select\" required>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"\"  selected='selected'>Country<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AF\" >Afghanistan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AX\" >Aland Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AL\" >Albania<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"DZ\" >Algeria<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AS\" >American Samoa<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AD\" >Andorra<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AO\" >Angola<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AI\" >Anguilla<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AQ\" >Antarctica<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AG\" >Antigua And Barbuda<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AR\" >Argentina<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AM\" >Armenia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AW\" >Aruba<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AU\" >Australia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AT\" >Austria<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AZ\" >Azerbaijan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BS\" >Bahamas<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BH\" >Bahrain<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BD\" >Bangladesh<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BB\" >Barbados<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BY\" >Belarus<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BE\" >Belgium<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BZ\" >Belize<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BJ\" >Benin<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BM\" >Bermuda<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BT\" >Bhutan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BO\" >Bolivia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BA\" >Bosnia And Herzegovina<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BW\" >Botswana<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BV\" >Bouvet Island<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BR\" >Brazil<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IO\" >British Indian Ocean Territory<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BN\" >Brunei Darussalam<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BG\" >Bulgaria<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BF\" >Burkina Faso<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BI\" >Burundi<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KH\" >Cambodia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CM\" >Cameroon<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CA\" >Canada<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CV\" >Cape Verde<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KY\" >Cayman Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CF\" >Central African Republic<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TD\" >Chad<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CL\" >Chile<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CN\" >China<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CX\" >Christmas Island<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CC\" >Cocos (Keeling) Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CO\" >Colombia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KM\" >Comoros<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CG\" >Congo<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CD\" >Congo, Democratic Republic<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CK\" >Cook Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CR\" >Costa Rica<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CI\" >Cote D&#039;Ivoire<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"HR\" >Croatia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CU\" >Cuba<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CY\" >Cyprus<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CZ\" >Czech Republic<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"DK\" >Denmark<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"DJ\" >Djibouti<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"DM\" >Dominica<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"DO\" >Dominican Republic<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"EC\" >Ecuador<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"EG\" >Egypt<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SV\" >El Salvador<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GQ\" >Equatorial Guinea<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ER\" >Eritrea<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"EE\" >Estonia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ET\" >Ethiopia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"FK\" >Falkland Islands (Malvinas)<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"FO\" >Faroe Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"FJ\" >Fiji<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"FI\" >Finland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"FR\" >France<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GF\" >French Guiana<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PF\" >French Polynesia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TF\" >French Southern Territories<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GA\" >Gabon<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GM\" >Gambia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GE\" >Georgia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"DE\" >Germany<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GH\" >Ghana<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GI\" >Gibraltar<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GR\" >Greece<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GL\" >Greenland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GD\" >Grenada<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GP\" >Guadeloupe<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GU\" >Guam<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GT\" >Guatemala<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GG\" >Guernsey<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GN\" >Guinea<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GW\" >Guinea-Bissau<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GY\" >Guyana<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"HT\" >Haiti<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"HM\" >Heard Island &amp; Mcdonald Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VA\" >Holy See (Vatican City State)<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"HN\" >Honduras<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"HK\" >Hong Kong<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"HU\" >Hungary<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IS\" >Iceland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IN\" >India<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ID\" >Indonesia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IR\" >Iran, Islamic Republic Of<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IQ\" >Iraq<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IE\" >Ireland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IM\" >Isle Of Man<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IL\" >Israel<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"IT\" >Italy<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"JM\" >Jamaica<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"JP\" >Japan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"JE\" >Jersey<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"JO\" >Jordan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KZ\" >Kazakhstan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KE\" >Kenya<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KI\" >Kiribati<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KR\" >Korea<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KW\" >Kuwait<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KG\" >Kyrgyzstan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LA\" >Lao People&#039;s Democratic Republic<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LV\" >Latvia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LB\" >Lebanon<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LS\" >Lesotho<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LR\" >Liberia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LY\" >Libyan Arab Jamahiriya<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LI\" >Liechtenstein<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LT\" >Lithuania<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LU\" >Luxembourg<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MO\" >Macao<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MK\" >Macedonia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MG\" >Madagascar<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MW\" >Malawi<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MY\" >Malaysia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MV\" >Maldives<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ML\" >Mali<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MT\" >Malta<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MH\" >Marshall Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MQ\" >Martinique<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MR\" >Mauritania<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MU\" >Mauritius<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"YT\" >Mayotte<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MX\" >Mexico<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"FM\" >Micronesia, Federated States Of<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MD\" >Moldova<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MC\" >Monaco<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MN\" >Mongolia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ME\" >Montenegro<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MS\" >Montserrat<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MA\" >Morocco<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MZ\" >Mozambique<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MM\" >Myanmar<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NA\" >Namibia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NR\" >Nauru<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NP\" >Nepal<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NL\" >Netherlands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AN\" >Netherlands Antilles<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NC\" >New Caledonia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NZ\" >New Zealand<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NI\" >Nicaragua<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NE\" >Niger<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NG\" >Nigeria<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NU\" >Niue<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NF\" >Norfolk Island<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MP\" >Northern Mariana Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"NO\" >Norway<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"OM\" >Oman<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PK\" >Pakistan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PW\" >Palau<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PS\" >Palestinian Territory, Occupied<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PA\" >Panama<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PG\" >Papua New Guinea<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PY\" >Paraguay<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PE\" >Peru<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PH\" >Philippines<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PN\" >Pitcairn<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PL\" >Poland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PT\" >Portugal<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PR\" >Puerto Rico<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"QA\" >Qatar<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"RE\" >Reunion<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"RO\" >Romania<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"RU\" >Russian Federation<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"RW\" >Rwanda<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"BL\" >Saint Barthelemy<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SH\" >Saint Helena<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"KN\" >Saint Kitts And Nevis<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LC\" >Saint Lucia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"MF\" >Saint Martin<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"PM\" >Saint Pierre And Miquelon<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VC\" >Saint Vincent And Grenadines<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"WS\" >Samoa<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SM\" >San Marino<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ST\" >Sao Tome And Principe<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SA\" >Saudi Arabia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SN\" >Senegal<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"RS\" >Serbia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SC\" >Seychelles<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SL\" >Sierra Leone<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SG\" >Singapore<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SK\" >Slovakia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SI\" >Slovenia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SB\" >Solomon Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SO\" >Somalia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ZA\" >South Africa<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GS\" >South Georgia And Sandwich Isl.<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ES\" >Spain<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"LK\" >Sri Lanka<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SD\" >Sudan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SR\" >Suriname<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SJ\" >Svalbard And Jan Mayen<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SZ\" >Swaziland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SE\" >Sweden<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"CH\" >Switzerland<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"SY\" >Syrian Arab Republic<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TW\" >Taiwan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TJ\" >Tajikistan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TZ\" >Tanzania<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TH\" >Thailand<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TL\" >Timor-Leste<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TG\" >Togo<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TK\" >Tokelau<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TO\" >Tonga<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TT\" >Trinidad And Tobago<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TN\" >Tunisia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TR\" >Turkey<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TM\" >Turkmenistan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TC\" >Turks And Caicos Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"TV\" >Tuvalu<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"UG\" >Uganda<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"UA\" >Ukraine<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"AE\" >United Arab Emirates<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"GB\" >United Kingdom<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"US\" >United States<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"UM\" >United States Outlying Islands<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"UY\" >Uruguay<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"UZ\" >Uzbekistan<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VU\" >Vanuatu<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VE\" >Venezuela<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VN\" >Viet Nam<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VG\" >Virgin Islands, British<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"VI\" >Virgin Islands, U.S.<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"WF\" >Wallis And Futuna<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"EH\" >Western Sahara<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"YE\" >Yemen<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ZM\" >Zambia<\/option>\n\t\t\t\t\t\t\t\t\t\t\t<option value=\"ZW\" >Zimbabwe<\/option>\n\t\t\t\t\t\t\t\t\t<\/select>\n\n\t\t\t\t<div class=\"invalid-feedback-frm\" role=\"alert\">Country is not valid.<\/div>\n\t\t\t<\/div>\n\n\t\t<\/div>\n\n\t\t<script type=\"text\/javascript\">\n            jQuery(document).ready(function($) {\n                $('.mf_form__form').each(function() {\n                    var $form = $(this); \/\/ This specific form instance\n\n                    \/\/ Find the country select in this form\n                    $form.find('.form_country_select').each(function() {\n                        var $select = $(this);\n\t\t\t\t\t\tvar clickCount = 0;\n                        \/\/ On change\n                        $select.on('click', function() {\n\t\t\t\t\t\t\tclickCount++;\n\t\t\t\t\t\t\tif (clickCount === 1) {\n\t\t\t\t\t\t\t\t$(this).parent().find('.icon-zodiak-chevron-down').addClass('active');\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tclickCount = 0;\n\t\t\t\t\t\t\t\t$(this).parent().find('.icon-zodiak-chevron-down').removeClass('active');\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t});\n\t\t\t\t\t\t$select.on('blur', function() {\n\t\t\t\t\t\t\tclickCount = 0;\n\t\t\t\t\t\t\t$(this).parent().find('.icon-zodiak-chevron-down').removeClass('active');\n\t\t\t\t\t\t});\n                    });\n                });\n            });\n        <\/script>\n\n\t\t<div class=\"mf-field-wrapper form-floating col-sm-12\"><input type=\"text\" pattern=\"^[0-9\\-\\+\\s]+$\"  class=\"form-control\" id=\"_mf_344241_4361_2123590425\" name=\"_mf_344241_4361\" oninput=\"validateInput(this)\" maxlength=\"14\" placeholder=\"Phone\"  \/><label for=\"_mf_344241_4361_2123590425\" class=\"form-label\">Phone (optional)<\/label><\/div><div class=\"mf-field-wrapper form-floating col-sm-12\"><textarea type=\"text\" class=\"form-control\" id=\"_mf_344241_6784_1303710183\" name=\"_mf_344241_6784\" placeholder=\"Your Message\" required><\/textarea><label for=\"_mf_344241_6784_1303710183\" class=\"form-label\">Your Message <span class=\"star-required\">*<\/span><\/label><div class=\"invalid-feedback-frm\" role=\"alert\">Your Message is not valid.<\/div><\/div><div class=\"mf-field-wrapper  col-sm-12\">\n\t\t<div class=\"form-check checkbox-controls\">\n\n\t\t\t<input type=\"checkbox\" id=\"_mf_344241_781_2056948649\" class=\"form-check-input\"\n\t\t\t\tname=\"_mf_344241_781[]\"\n\t\t\t\tvalue=\"1\"\n\t\t\t\trequired\n\t\t\t>\n\n\t\t\t<label for=\"_mf_344241_781_2056948649\" class=\"form-check-label consent-text\">\n\t\t\t\tI agree to Capgemini collecting and processing my personal data to allow me to receive information on Capgemini services. For further information, please see <a href=\"https:\/\/www.capgemini.com\/no-no\/privacy-notice\/\" target=\"_blank\">our Privacy Notice<\/a>.  &nbsp;\t\t\t<\/label>\n\n\t\t<\/div>\n\t\t<\/div>\t\t\t<div class=\"mf_field mf_field--hidden \">\n\t\t\t\t<label for=\"_mf_344241_1688_3381067529\">Expert title\t\t\t\t\t<\/label>\n\t\t\t\t<input type=\"hidden\" id=\"_mf_344241_1688_3381067529\" class=\"mf_field__input empty\" name=\"_mf_344241_1688\" data-validate=\"text\" data-hidden-field-tag=\"expert_title\" value=\"\"  \/>\n\t\t\t<\/div>\n\t\t\t\t\t<div class=\"mf_field mf_field--hidden \">\n\t\t\t\t<label for=\"_mf_344241_7135_2233628424\">Page URL\t\t\t\t\t<\/label>\n\t\t\t\t<input\n\t\t\t\t\ttype=\"hidden\"\n\t\t\t\t\tid=\"_mf_344241_7135_2233628424\"\n\t\t\t\t\tclass=\"mf_field__input empty\"\n\t\t\t\t\tname=\"_mf_344241_7135\"\n\t\t\t\t\tdata-validate=\"text\"\n\t\t\t\t\tvalue=\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\"\n\t\t\t\t\t\t\t\t\t\/>\n\t\t\t<\/div>\n\t\t\t\t\t<div class=\"mf_field mf_field--recaptcha\">\n\t\t\t\t<div class=\"g-recaptcha\" data-sitekey=\"6Lc3OpIUAAAAADY4ErEHF0HF6Tr7vuknduDU-fbl\"><\/div>\n\t\t\t<\/div>\n\t\t\t\n\t\t\t<div class=\"mf_field mf_field--submit\" >\n\t\t\t\t<div class=\"slide-button-background button-background\">\n\t\t\t\t\t<label for=\"slider-submit-_mf_344241_1145\" class=\"slide-text\">\n\t\t\t\t\t\tSlide to submit\t\t\t\t\t<\/label>\n\t\t\t\t\t<input\n\t\t\t\t\t\tid=\"slider-submit-_mf_344241_1145\"\n\t\t\t\t\t\ttype=\"range\"\n\t\t\t\t\t\tclass=\"mf_field__input slider-frm-btn\"\n\t\t\t\t\t\trel=\"_mf_344241_1145\"\n\t\t\t\t\t\tmin=\"0\"\n\t\t\t\t\t\tmax=\"100\"\n\t\t\t\t\t\tvalue=\"0\"\n\t\t\t\t\t\taria-label=\"Slide to submit\"\n\t\t\t\t\t\taria-describedby=\"slide-instruction-_mf_344241_1145\"\n\t\t\t\t\t\taria-valuenow=\"0\"\n\t\t\t\t\t\taria-valuemin=\"0\"\n\t\t\t\t\t\taria-valuemax=\"100\"\n\t\t\t\t\t\taria-orientation=\"horizontal\"\n\t\t\t\t\t\trole=\"slider\"\n\t\t\t\t\t\ttabindex=\"0\"\n\t\t\t\t\t\/>\n\t\t\t\t\t<span id=\"slide-instruction-_mf_344241_1145\" class=\"sr-only\">\n\t\t\t\t\t\tUse right arrow keys to slide, or drag right with your finger. When you reach 100 percent, the form is submitted.\t\t\t\t\t<\/span>\n\t\t\t\t\t<!-- Mobile-only submit button fallback -->\n\t\t\t\t\t<button type=\"submit\" class=\"mf-mobile-submit-btn\" disabled>\n\t\t\t\t\t\t<span class=\"sr-only\">If you use a screen reader or VoiceOver, double-tap this button to submit the form.<\/span>\n\t\t\t\t\t\tSlide to submit\t\t\t\t\t<\/button>\n\t\t\t\t<\/div>\n\t\t\t\t<input type=\"hidden\" name=\"submit_btn_txt\" class=\"submit_btn_txt\" value=\"Slide to submit\"\/>\n\t\t\t\t<input type=\"hidden\" name=\"submitted_state_txt\" class=\"submitted_state_txt\" value=\"Submitted\"\/>\n\t\t\t<\/div>\n\t\t\t\t\t\t<input type=\"hidden\" name=\"form_id\" data-validate=\"number\" class=\"mf_form__id\" value=\"344241\" \/>\n\t\t\t\t<input type=\"hidden\" name=\"form_title\" class=\"mf_form__title\" value=\"revamp-new-expert-form\" \/>\n\t\t\t\t<input type=\"hidden\" name=\"wp_rest_nonce\" class=\"mf_form__wp_rest_nonce\" value=\"e2c6884adf\" \/>\n\n\t\t\t\t<input type=\"hidden\" name=\"mf_form_conditional_logic\" class=\"mf_form__title conditional_logic\" value=\"\" \/>\n\t\t\t\t\n\t\t\t\t<input type=\"hidden\" name=\"mf_form_fields_country_dpo_field\" class=\"mf_form__title conditional_logic mf_form_fields_country_dpo_field\" value=\"\" \/>\n\n\t\t\t\t<!-- Anti-spam field -->\n\t\t\t\t<input type=\"text\" \n\t\t\t\t\tname=\"website_url\" \n\t\t\t\t\tclass=\"mf_field__url\" \n\t\t\t\t\tautocomplete=\"off\"\n\t\t\t\t\ttabindex=\"-1\"\n\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\tstyle=\"position:absolute;left:-9999px;width:1px;height:1px;opacity:0;pointer-events:none;\" \n\t\t\t\t\/>\n\t\t\t<\/form>\n\n\t\t\t<div class=\"mf_form__success\" tabindex=\"0\" role=\"alert\">\n\t\t\t\tThank you for your submission. We will be in touch with you soon!<\/p>\n\t\t\t<\/div>\n\t\t\t<div class=\"mf_form__errors\">\n\t\t\t\t<p>We are sorry, the form submission failed. Please try again.<\/p>\n\t\t\t<\/div>\n\t\t\t\t<\/div>\n\n\t\t<script>\n\t\t\twindow.MF_CONFIG344241 = {\"344241\":{\"errors\":[],\"redirect\":\"\"}};\n\t\t<\/script>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\n<\/div><\/div><\/div><div class=\"slider-nav\"><button class=\"slider-prev inactive\" aria-label=\"Slider previous\" tabindex=\"-1\"><\/button><ul class=\"slider-paginator\"><\/ul><button class=\"slider-next\" aria-label=\"Slider next\"><\/button><\/div><\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":324,"featured_media":835150,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cg_dt_proposed_to":[],"cg_seo_hreflang_relations":"[]","cg_seo_canonical_relation":"","cg_seo_hreflang_x_default_relation":"{\"uuid\":\"c8072636-8c52-48d8-b97d-65dcd6241043\",\"blogId\":\"\",\"domain\":\"\",\"sitePath\":\"\",\"postLink\":\"\",\"postId\":null,\"isSaved\":true,\"isCrossLink\":false,\"hasCrossLink\":false}","cg_dt_approved_content":true,"cg_dt_mandatory_content":false,"cg_dt_notes":"","cg_dg_source_changed":false,"cg_dt_link_disabled":false,"_yoast_wpseo_primary_brand":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","featured_focal_points":""},"categories":[1],"tags":[],"brand":[],"service":[],"industry":[],"partners":[],"blog-topic":[121],"content-group":[],"class_list":["post-835106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","blog-topic-cloud"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.8 (Yoast SEO v22.8) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods - Capgemini Norway<\/title>\n<meta name=\"description\" content=\"Encrypted communications are a basic requirement for any modern software application. However, managing TLS certificates and automatically installing them on Kubernetes apps can seem difficult or time-consuming.In this blog post, our Senior Cloud and DevOps Engineer Eugene Romero demonstrate how to use Azure Key Vault, Kubernetes and the CSI Secrets&#039; Store Driver to securely store, install and use TLS certificates in your applications.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods\" \/>\n<meta property=\"og:description\" content=\"Encrypted communications are a basic requirement for any modern software application. However, managing TLS certificates and automatically installing them on Kubernetes apps can seem difficult or time-consuming.In this blog post, our Senior Cloud and DevOps Engineer Eugene Romero demonstrate how to use Azure Key Vault, Kubernetes and the CSI Secrets&#039; Store Driver to securely store, install and use TLS certificates in your applications.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\" \/>\n<meta property=\"og:site_name\" content=\"Capgemini Norway\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-16T08:43:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-20T04:22:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-FC-organic_SM-_NORD_V1-copy.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"666\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Eugene Romero\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"santanughosh\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\",\"url\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\",\"name\":\"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods - Capgemini Norway\",\"isPartOf\":{\"@id\":\"https:\/\/www.capgemini.com\/no-no\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg\",\"datePublished\":\"2023-05-16T08:43:00+00:00\",\"dateModified\":\"2025-03-20T04:22:02+00:00\",\"author\":{\"@id\":\"https:\/\/www.capgemini.com\/no-no\/#\/schema\/person\/d59b76baf50cb949bddc370f7a57f144\"},\"description\":\"Encrypted communications are a basic requirement for any modern software application. However, managing TLS certificates and automatically installing them on Kubernetes apps can seem difficult or time-consuming.In this blog post, our Senior Cloud and DevOps Engineer Eugene Romero demonstrate how to use Azure Key Vault, Kubernetes and the CSI Secrets' Store Driver to securely store, install and use TLS certificates in your applications.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#primaryimage\",\"url\":\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg\",\"contentUrl\":\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg\",\"width\":2880,\"height\":1800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.capgemini.com\/no-no\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.capgemini.com\/no-no\/#website\",\"url\":\"https:\/\/www.capgemini.com\/no-no\/\",\"name\":\"Capgemini Norway\",\"description\":\"Capgemini\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.capgemini.com\/no-no\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.capgemini.com\/no-no\/#\/schema\/person\/d59b76baf50cb949bddc370f7a57f144\",\"name\":\"santanughosh\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.capgemini.com\/no-no\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b9a8a2aa4e433679f9b84dcf0bb036cf744b205a3345a9afb930ecd08b809f90?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b9a8a2aa4e433679f9b84dcf0bb036cf744b205a3345a9afb930ecd08b809f90?s=96&d=mm&r=g\",\"caption\":\"santanughosh\"},\"url\":\"https:\/\/www.capgemini.com\/no-no\/author\/santanughosh\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods - Capgemini Norway","description":"Encrypted communications are a basic requirement for any modern software application. However, managing TLS certificates and automatically installing them on Kubernetes apps can seem difficult or time-consuming.In this blog post, our Senior Cloud and DevOps Engineer Eugene Romero demonstrate how to use Azure Key Vault, Kubernetes and the CSI Secrets' Store Driver to securely store, install and use TLS certificates in your applications.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","og_locale":"en_US","og_type":"article","og_title":"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods","og_description":"Encrypted communications are a basic requirement for any modern software application. However, managing TLS certificates and automatically installing them on Kubernetes apps can seem difficult or time-consuming.In this blog post, our Senior Cloud and DevOps Engineer Eugene Romero demonstrate how to use Azure Key Vault, Kubernetes and the CSI Secrets' Store Driver to securely store, install and use TLS certificates in your applications.","og_url":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","og_site_name":"Capgemini Norway","article_published_time":"2023-05-16T08:43:00+00:00","article_modified_time":"2025-03-20T04:22:02+00:00","og_image":[{"width":1200,"height":666,"url":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-FC-organic_SM-_NORD_V1-copy.jpg","type":"image\/jpeg"}],"author":"Eugene Romero","twitter_card":"summary_large_image","twitter_misc":{"Written by":"santanughosh","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","url":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","name":"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods - Capgemini Norway","isPartOf":{"@id":"https:\/\/www.capgemini.com\/no-no\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#primaryimage"},"image":{"@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#primaryimage"},"thumbnailUrl":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg","datePublished":"2023-05-16T08:43:00+00:00","dateModified":"2025-03-20T04:22:02+00:00","author":{"@id":"https:\/\/www.capgemini.com\/no-no\/#\/schema\/person\/d59b76baf50cb949bddc370f7a57f144"},"description":"Encrypted communications are a basic requirement for any modern software application. However, managing TLS certificates and automatically installing them on Kubernetes apps can seem difficult or time-consuming.In this blog post, our Senior Cloud and DevOps Engineer Eugene Romero demonstrate how to use Azure Key Vault, Kubernetes and the CSI Secrets' Store Driver to securely store, install and use TLS certificates in your applications.","breadcrumb":{"@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#primaryimage","url":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg","contentUrl":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg","width":2880,"height":1800},{"@type":"BreadcrumbList","@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.capgemini.com\/no-no\/"},{"@type":"ListItem","position":2,"name":"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods"}]},{"@type":"WebSite","@id":"https:\/\/www.capgemini.com\/no-no\/#website","url":"https:\/\/www.capgemini.com\/no-no\/","name":"Capgemini Norway","description":"Capgemini","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.capgemini.com\/no-no\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.capgemini.com\/no-no\/#\/schema\/person\/d59b76baf50cb949bddc370f7a57f144","name":"santanughosh","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.capgemini.com\/no-no\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b9a8a2aa4e433679f9b84dcf0bb036cf744b205a3345a9afb930ecd08b809f90?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b9a8a2aa4e433679f9b84dcf0bb036cf744b205a3345a9afb930ecd08b809f90?s=96&d=mm&r=g","caption":"santanughosh"},"url":"https:\/\/www.capgemini.com\/no-no\/author\/santanughosh\/"}]}},"blog_topic_info":[{"id":121,"name":"Cloud"}],"taxonomy_info":{"category":[{"id":1,"name":"Uncategorized","slug":"uncategorized"}],"blog-topic":[{"id":121,"name":"Cloud","slug":"cloud"}],"following_users":[{"id":422,"name":"automator","slug":"automator"},{"id":573,"name":"jaydeepsinghrawat","slug":"jaydeepsinghrawat"},{"id":579,"name":"santanughosh","slug":"santanughosh"}]},"parsely":{"version":"1.1.0","canonical_url":"https:\/\/capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","smart_links":{"inbound":0,"outbound":0},"traffic_boost_suggestions_count":0,"meta":{"@context":"https:\/\/schema.org","@type":"NewsArticle","headline":"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods","url":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/","mainEntityOfPage":{"@type":"WebPage","@id":"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/"},"thumbnailUrl":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg?w=150&h=150&crop=1","image":{"@type":"ImageObject","url":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg"},"articleSection":"Uncategorized","author":[],"creator":[],"publisher":{"@type":"Organization","name":"Capgemini Norway","logo":""},"keywords":[],"dateCreated":"2023-05-16T08:43:00Z","datePublished":"2023-05-16T08:43:00Z","dateModified":"2025-03-20T04:22:02Z"},"rendered":"<meta name=\"parsely-title\" content=\"Using SSL\/TLS certificates from Azure Key Vault in Kubernetes pods\" \/>\n<meta name=\"parsely-link\" content=\"https:\/\/www.capgemini.com\/no-no\/insights\/expert-perspectives\/using-ssltls-certificates-from-azure-key-vault-in-kubernetes-pods\/\" \/>\n<meta name=\"parsely-type\" content=\"post\" \/>\n<meta name=\"parsely-image-url\" content=\"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg?w=150&amp;h=150&amp;crop=1\" \/>\n<meta name=\"parsely-pub-date\" content=\"2023-05-16T08:43:00Z\" \/>\n<meta name=\"parsely-section\" content=\"Uncategorized\" \/>","tracker_url":"https:\/\/cdn.parsely.com\/keys\/capgemini.com\/p.js"},"jetpack_featured_media_url":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg","archive_status":false,"featured_image_src":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg","featured_image_alt":"","jetpack_sharing_enabled":true,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Capgemini Norway","distributor_original_site_url":"https:\/\/www.capgemini.com\/no-no","push-errors":false,"featured_image_url":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2023\/05\/090523__Blog-Eugene-Romero-image_SM-_NORD_V1-copy.jpg","author_title":"Eugene Romero","author_thumbnail_url":"https:\/\/www.capgemini.com\/no-no\/wp-content\/uploads\/sites\/23\/2022\/11\/Eugene-Romero.jpg?w=720","author_thumbnail_alt":"","_links":{"self":[{"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/posts\/835106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/users\/324"}],"replies":[{"embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/comments?post=835106"}],"version-history":[{"count":11,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/posts\/835106\/revisions"}],"predecessor-version":[{"id":855312,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/posts\/835106\/revisions\/855312"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/media\/835150"}],"wp:attachment":[{"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/media?parent=835106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/categories?post=835106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/tags?post=835106"},{"taxonomy":"brand","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/brand?post=835106"},{"taxonomy":"service","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/service?post=835106"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/industry?post=835106"},{"taxonomy":"partners","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/partners?post=835106"},{"taxonomy":"blog-topic","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/blog-topic?post=835106"},{"taxonomy":"content-group","embeddable":true,"href":"https:\/\/www.capgemini.com\/no-no\/wp-json\/wp\/v2\/content-group?post=835106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}