Achieving end-to-end encryption for in-flight traffic is mandatory to comply with regulatory and security governance measures. Tanzu Service Mesh provides this capability across multiple clusters, clouds, and even service meshes.

Tanzu Service Mesh includes a top-level certificate authority (CA) to provide a trusted identity to each node on the network. In the case of microservices architecture, those nodes are the pods that run the services. Tanzu Service Mesh can set up end-to-end mutual transport layer security (mTLS) encryption using a CA function.