confd icon indicating copy to clipboard operation
confd copied to clipboard

Published 20 hours ago verified publisher icon kelseyhightower

Vault PKI support?

Open azalio opened this issue 6 years ago • 7 comments

Hello! Does confd support issuing certs and renewing procedure for them?

azalio avatar Jul 11 '18 09:07 azalio

No, it doesn't. Also, I don't see how it might even be a responsibility of the confd tool to manage the certificates. How do you think this feature might be added here?

okushchenko avatar Jul 14 '18 19:07 okushchenko

I'm going to use confd for ETCD and Vault values. And it might be convenient to use confd for vault PKI too because in another way I need to use one software for values from vault and another software for certs in vault. And from another point of view, certs just values for a common name (CN) as a key.

azalio avatar Jul 15 '18 08:07 azalio

Do you want these value to be exposed along the key/value objects from Vault or as a completely separate backend?

okushchenko avatar Jul 23 '18 14:07 okushchenko

I think a separate backend would be more useful than an integrated solution.

azalio avatar Jul 23 '18 15:07 azalio

I'll leave this issue open for now. If anyone is interested in implementing such backend I'll gladly review the PR.

okushchenko avatar Jul 24 '18 11:07 okushchenko

Created PR https://github.com/kelseyhightower/confd/pull/774 comments gladly welcome thanks!

tw3rp avatar Feb 18 '19 23:02 tw3rp

Small write up on how it works https://rprabhu.dev/2019/vault-confd-automation/

tw3rp avatar Apr 07 '19 20:04 tw3rp