CA correctly imported but cannot retrieve it in the UI or by CLI/ API Call

francois.lalisse · April 21, 2023, 9:02am

Hello all,

I hope you will be able to help me.
To give a bit of context:
I created a subca signed by my root CA outside of the Vault.
I want to use this subca as a CA for my Vault PKI so i tried to import this certificate by using this API call :

curl
–header “X-Vault-Token: …”
–request POST
–data “@payload.json”
http://127.0.0.1:8200/v1/pki/config/ca

When i trigger this endpoint with the right values, i receive no errors message, so it seems that my CA is correctly imported in my Vault

curl --header “X-Vault-Token:xxxxxxxxxxxxxxxxxxxxxx” --request POST --data “@working_payload_pkcsv1.json” https://vaulttestw03.keytrade.com:8200/v1/pki/config/ca
{“request_id”:“88b40590-58e9-3099-04ce-5cbacd19a0ed”,“lease_id”:“”,“renewable”:false,“lease_duration”:0,“data”:{“imported_issuers”:[“9d75975f-764a-990a-f00e-212ac1c5f082”],“imported_keys”:[“c82cc73b-3ac1-16d3-3400-10efae974629”],“mapping”:{“9d75975f-764a-990a-f00e-212ac1c5f082”:“c82cc73b-3ac1-16d3-3400-10efae974629”}},“wrap_info”:null,“warnings”:null,“auth”:null}

But unfortunately when i navigate in the UI i cannot retrieve my Certificate and neither in CLI.

If someone can help that would be awesome !
Best Regards,
François

maxb · April 25, 2023, 8:58am

There is so little detail about what did not work, that it is not possible for anyone to assist. You would need to describe your problem in substantially greater detail, including actual copy/paste of what you typed and what you saw. Remember: we can’t read your mind!