Vault
- Canonical Telco
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/edge | 89 | 31 Jan 2024 | |
| latest/edge | 9 | 27 Jan 2023 | |
| 1.16/stable | 323 | 20 Jan 2025 | |
| 1.16/candidate | 323 | 20 Jan 2025 | |
| 1.16/beta | 355 | 25 Mar 2025 | |
| 1.16/edge | 355 | 25 Mar 2025 | |
| 1.17/stable | 354 | 11 Apr 2025 | |
| 1.17/candidate | 354 | 11 Apr 2025 | |
| 1.17/beta | 354 | 25 Mar 2025 | |
| 1.17/edge | 365 | 28 Apr 2025 | |
| 1.15/stable | 248 | 24 Jul 2024 | |
| 1.15/candidate | 248 | 24 Jul 2024 | |
| 1.15/beta | 248 | 24 Jul 2024 | |
| 1.15/edge | 248 | 10 Jul 2024 |
juju deploy vault-k8s --channel 1.16/stable
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
Use Vault as an ACME Server to obtain TLS certificates
In this how-to guide, we will configure Vault to act as an ACME server using Vault’s PKI secrets engine. Here self-signed-certificates will be the parent CA.
The certificates issued by Vault will have a validity period that is half of its intermediate CA’s, which is determined by the root provider’s configuration, in this case, the self-signed certificates.
- Configure Vault’s common name
juju config vault common_name=mydomain.com
- Deploy the parent CA
juju deploy self-signed-certificates --channel 1/stable
- Integrate Vault with its parent CA
juju integrate vault:tls-certificates-acme self-signed-certificates
Now the ACME server is accessible on https://<Vault Address>:8200/v1/charm-acme/acme/directory
Now you should be able to obtain a certificate from Vault using an ACME client, for example Lego.