Generate Signed certificate from Vault root CA with existing CSR


I had generate CSR through my own tool & now wanted to generate the signed certificate using Vault and later will use my own tool to install that certificate. Do we have an option to generate signed certs from Vault by inputting my existing CSR.

Kindly share the steps to do so.I wanted to integrate Vault root CA in my tool,so that someone can generate CSR using the product API and then can use Vault to generate Signed certificate using that CSR and later to use product API to install that certificate.

Hi, the sign API call of the pki secrets-engine, has a csr parameter:

Is that what you are looking for?