Skip to main content

HashiCorp Vault configuration and certificate operations

DigiCert Vault plugin is a standalone backend plugin for use with Hashicorp Vault. This plugin allows vault users to enroll and fetch certificates from DigiCert ONE platform. It connects Vault with trusted public, private, or cloud-hosted CAs configured in the DigiCert​​®​​ platform. The certificates created in Vault will be visible in DigiCert​​®​​ Trust Lifecycle Manager.

Configuration APIs are used to configure DigiCert​​®​​ credentials that maps a name in vault to connection and authentication settings for enrolling certificate.

vault write digicert-pki/configs/[config name] \
url="https://stage.one.digicert.com/" \
api_key="012ddc222d131c316bbeab2004_64551620ce1a40ac889073964840f49470e79695a0c5a2e0047b31700a8c3bb4"vault write digicert-pki/configs/:name <key>=<value>

Key

Description

[config name]

Your friendly name for the configuration

url

The URL pointing to the DigiCert ONE platform

api_key

The API key corresponding to a user’s account for authenticating to the platform.

vault read digicert-pki/configs/[config name]

Key

Description

[config name]

Your friendly name for the configuration.

vault list digicert-pki/configs
vault delete digicert-pki/configs/[config name]

Key

Description

[config name]

Your friendly name for the configuration.