Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to rotate client certificate #19

Open
jvanbruegge opened this issue Oct 26, 2020 · 2 comments
Open

How to rotate client certificate #19

jvanbruegge opened this issue Oct 26, 2020 · 2 comments

Comments

@jvanbruegge
Copy link

My ldap server expects client certificates, which is not a problem, as I can supply them with tls_client_X in the config of the ldap backend.

The problem is how am I supposed to rotate the certificates? Vault itself generates those and I want to make them short lived. But I can't update them after the fact because the password is required for the /config endpoint and I don't have that any more after /rotate-root.

In general, it would be way more convenient to be able to specify certificate files, so I can just use the regular way of vault agent to keep renewing the certificates.
@jvanbruegge jvanbruegge reopened this Nov 30, 2020
@jvanbruegge
Copy link
Author

Closed by accident, still don't know how to rotate certificates

@jvanbruegge
Copy link
Author

If someone would give me a few pointers, I could also try to implement this myself

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jvanbruegge