Managing public key infrastructure (PKI) is challenging, especially in dynamic, cloud-native environments. In the “good old days,” you could create a virtual machine, place a certificate on it, and forget about it for a couple of years (or at least until the certificate expired). But as modern infrastructure has evolved, a more automated and scalable approach is needed.
In this article, we’ll explore how to configure HashiCorp Vault as a subordinate Certificate Authority (CA) under FreeIPA, how to request certificates, and how to build a certificate chain trusted by any host in your infrastructure.
This article has been indexed from DZone Security Zone