HashiCorp Vault 0.7.3
We are proud to announce the release of HashiCorp Vault 0.7.3, which includes a number of exciting new features, improvements, and bug fixes, as well as some security updates.
This release contains security relevant changes. Please ensure that you refer to the linked changelog, if you are users of the App-Id or Cert (TLS) authentication backends.
In addition to a number of bug fixes and minor enhancements, Vault 0.7.3 includes:
-
ed25519 Signing/Verification in Transit with Key Derivation - The Transit backend now supports generating ed25519 keys for signing and verification functionality. These keys support derivation, allowing you to modify the actual encryption key used by supplying a context value.
-
Key Version Specification for Encryption in Transit - You can now specify the version of a key you use to wish to generate a signature, ciphertext, or HMAC. This can be controlled by the
min_encryption_version
key configuration property. -
Replication Primary Discovery (Enterprise) - Replication primaries will now advertise the addresses of their local HA cluster members to replication secondaries. This helps recovery if the primary active node goes down and neither service discovery nor load balancers are in use to steer clients.
Customers using Vault Pro or Vault Enterprise will have binaries available shortly. The official Vault Docker Hub image has also been updated with the 0.7.3 tag.
The release includes additional new features, general improvements, and bug fixes. The Vault 0.7.3 changelog provides a full list of changes. As always, please test in an isolated environment before upgrading and follow Vault's upgrade guide.
A big thanks to our always-amazing community for their ideas, bug reports, and pull requests.
Sign up for the latest HashiCorp news
More blog posts like this one

Secure AI identity with HashiCorp Vault
HashiCorp Vault's dynamic credentials give AI applications traceable, short-lived identities with just-in-time access, replacing risky static credentials. Try our proof-of-concept LangChain application to see how this can work.

SCEP: A bridge from legacy PKI to modern certificate management
Vault Enterprise now supports SCEP, empowering secure certificate enrollment for legacy and device-constrained environments while helping teams plan their evolution to modern protocols like EST and ACME.

Build secure, AI-driven workflows with Terraform and Vault MCP servers
At AWS Summit New York, HashiCorp introduced new capabilities that bring Terraform, Vault, and Vault Radar into the age of AI agents — advancing secure, automated infrastructure through composable, agentic systems.