Using PKI with Vault

Public Key Infrastructure (PKI) provides a way to verify authenticity and guarantee secure communication between applications. Setting up your own PKI can be a complex and very manual process. Vault PKI allows users to dynamically generate X.509 certificates quickly and on demand. It can streamline the distribution of TLS certificates and allows users to create PKI certificates with a single command. Vault PKI reduces the overhead of the usual manual process of generating a private key and CSR, submitting them to a CA, and waiting for verification and signing to complete, while also providing an authentication and authorization mechanism for validation. See below for getting started guides and documentation.

Learn how to integrate PKI in Vault

Build Your Own Certificate Authority (CA)

In this Learn Guide we will walk through building our own certificate authority using Vault PKI Secrets Engine.

X.509 Certificate Management with Vault

In this blog post, we will look at practical public key certificate management in Vault, which uses a dynamic secrets approach.

Secure Introduction With Vault and Kubernetes

In this session, we look at Vault's capabilities when interacting with Kubernetes. We'll review injecting secrets, account tokens, and much more.


PKI Secrets Engine

The Vault PKI Secrets Engine provides a secure way to streamline management of X.509 certificates. The secrets engine allows services to get certificates without going through the usual manual processes.

PKI Secrets Engine (API)

This is the API documentation for the Vault PKI secrets engine. It covers all aspects of interacting with Vault's PKI infrastructure and automating workflows around it.

Adopting HashiCorp Vault

This article provides background on the common steps and stages of HashiCorp Vault deployment and adoption, based both on software best practice and on experience deploying Vault at scale in large organizations.

When to consider Vault Enterprise?

Open Source

Technical Complexity

Vault Open Source addresses the technical complexity of managing secrets by leveraging trusted identities across distributed infrastructure and clouds.

View Open Source Features

Organizational Complexity

Vault Enterprise addresses the organizational complexity of large user bases and compliance requirements with collaboration and governance features.

View Enterprise Features
