Vault

Channel Revision Published Runs on
latest/edge 383 23 Aug 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 367 25 Jul 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 364 23 Jul 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 363 23 Jul 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 336 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 335 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 334 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 333 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 332 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 331 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 330 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 329 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 220 20 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 216 19 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 214 19 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 213 19 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 109 18 Apr 2023
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 79 02 Aug 2022
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
1.16/stable 387 12 Sep 2024
Ubuntu 22.04
1.16/candidate 387 12 Sep 2024
Ubuntu 22.04
1.16/beta 387 12 Sep 2024
Ubuntu 22.04
1.16/edge 403 18 Dec 2024
Ubuntu 22.04
1.15/stable 357 24 Jul 2024
Ubuntu 22.04
1.15/candidate 357 24 Jul 2024
Ubuntu 22.04
1.15/beta 357 24 Jul 2024
Ubuntu 22.04
1.15/edge 376 31 Jul 2024
Ubuntu 22.04
1.8/stable 372 26 Jul 2024
Ubuntu 22.04
1.8/edge 164 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 162 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 161 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 159 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 157 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 156 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 155 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 154 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 140 07 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 138 04 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 135 04 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 131 04 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.7/stable 371 26 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.6/stable 369 26 Jul 2024
Ubuntu 20.04 Ubuntu 18.04
1.5/stable 370 26 Jul 2024
Ubuntu 20.04 Ubuntu 18.04
juju deploy vault --channel 1.16/stable
Show information

Platform:

Ubuntu
24.04 23.10 23.04 22.10 22.04 20.04 18.04

Use Vault as an intermediate CA

In this how-to guide, we will configure Vault to act as an intermediate Certificate Authority (CA) using Vault’s PKI secrets engine. Here self-signed-certificates will be the parent CA and tls-certificates-requirer will be the charm requesting a certificate to Vault.

The certificates issued by Vault will have a validity period that is half of its intermediate CA’s, which is determined by the root provider’s configuration, in this case, the self-signed certificates.

  1. Configure Vault’s common name
  • Note: Vault PKI will only allow issuing certificates for the subdomains of the common_name configured here, it will reject any requests using differnt domains in their subject.
juju config vault common_name=mydomain.com
  1. Deploy the parent CA
juju deploy self-signed-certificates 
  1. Integrate Vault with its parent CA
juju integrate vault:tls-certificates-pki self-signed-certificates
  1. Deploy tls-certificates-requirer
juju deploy tls-certificates-requirer --config common_name=demo.mydomain.com
  1. Integrate TLS Certificates Requirer with Vault
juju integrate tls-certificates-requirer vault:vault-pki
  1. Retrieve the certificate
juju run tls-certificates-requirer/leader get-certificate

Help improve this document in the forum (guidelines). Last updated 2 months ago.