How to get private key out of vault

sunil001repo · January 2, 2020, 5:34pm

Hi All,

I am very new to hashicorp vault and have few basic question:

using transit secret engine , is there a way to get private key the way we get public key : GET /transit/keys/:name.

This is required as we are still trying to use own crypto service but use vault for only creating/storing/updating key materials.

michelvocks · January 3, 2020, 10:47am

You have to mark the key exportable (https://www.vaultproject.io/api/secret/transit/index.html#exportable) during key creation/generation.
Afterwards, you can use the key export API endpoint (https://www.vaultproject.io/api/secret/transit/index.html#export-key) to export the private key.

Cheers,
Michel

sunil001repo · January 3, 2020, 3:27pm

Thanks Michel. This is what I was looking for