Modern-Day PKI Management with HashiCorp Vault

Executive Summary

As technology continues to improve at an increasingly rapid pace, so do the threats to the information being managed by that technology. Because of these growing threats to information security, it is necessary to protect sensitive data through all stages of management.

One of these critical data management stages is the “transit” stage. The “transit” stage involves moving sets of data between infrastructure and services to allow various services to utilize that data in several ways. Protecting data during this stage is just as necessary as protecting data at rest.

But how can secure communication be managed in the era of microservices, where thousands or even tens of thousands of microservices need to share data? Manual certificate deployment is no longer capable of meeting the growing demands of scale and speed.

Automation must play a key role in certificate management to meet these demands and ensure trust in the exchange of data.

The purpose of this document is to outline a more modern approach to PKI management that meets the growing demand for scale and speed in an automated fashion, eliminating the security and operational compromises that regularly result from human intervention.

This document is intended to be used by technical staff tasked with deploying PKI management solutions in greenfield environments.