Beyond secrets, using Vault to automate PKI
Vložit
- čas přidán 24. 10. 2023
- Learn how to use Vault for modern PKI, certificate authority, and certificate management workflows in your organization. By leveraging Vault workflows and automation, you can avoid expensive expired certificate outages and run more efficiently without a lot of manual processes or heroics.
Speaker: David Mills
Subscribe to our CZcams Channel → czcams.com/users/HashiCorp?s...
For hands-on interactive labs, visit HashiCorp Developer → developer.hashicorp.com/
HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.
For more information → hashicorp.com
Twitter → / hashicorp
LinkedIn → / hashicorp
Facebook → / hashicorp - Věda a technologie
Thanks for the great video. I am trying to set up an SSL connection in my spring boot microservices and wanting to use Hashicorp vault pki. My problem is how can I convert the CA generated by vault to pkcs12. And whether it is advisable to copy the CA into a Java keystore for use in production? Thanks
So sorry you're having problems with this configuration. To answer your question, you can import a PEM from Vault into a Java key store or convert to PKCS12. HashiCorp doesn't have documentation on this process but there are many tutorials online with guidance you can follow. This one may be sufficient but since it isn't produced by us, we can't speak to its accuracy: help.hcltechsw.com/appscan/Standard/10.0.3/en-US/t_ConvertthepfxCertificatetopemFormat068.html
Thanks alot. I also wanted to just build a dockerfile and install JDK etc- In that way I can easily convert the created certificate, then either upload it again to or so. I also noticed that your tutorial on using rabbitmq doesnt work in my case. Of course, I also checked the talks presented by your Advocates. I always get a 404 error when trying to write to a mounted rabbitmq path. Strange. But thank you very much.@@HashiCorp
@maneshipocrates2264 Sorry to hear you're still having some issues. I'd also suggest taking a look at our Discuss forums as well!: discuss.hashicorp.com/c/vault/30
Can Vault act as a Root CA for a windows server subordinate CA ?
Yes 👍