Last updated
Last updated
The Certificate-Type is similar to a KEYVALUE-Type but the data has to be saved in a specific order. The reason for this is, that when you issue a new certificate from a PKI Secret Engine in Vault they are wrapped in a second data object.
First generate or use an existing PKI. A documentation can be found at HashiCorps documentation page for Vault. Now issue a certificate, pipe it to a file and save it to a KV Secret Engine:
Now you should see that the data is saved in a second data object:
Now you can create the Vault resource in Kubernetes:
This will generate the Vault resource and also the secret:
The data is stored to allow an Ingress to read it as tls. For more details on ingress configuration please see:
For more details please see !