Hi All,

I am very new to hashicorp vault and have few basic question:

1. using transit secret engine , is there a way to get private key the way we get public key : GET /transit/keys/:name.

This is required as we are still trying to use own crypto service but use vault for only creating/storing/updating key materials.

Hi @sunil001repo!

You have to mark the key exportable (https://www.vaultproject.io/api/secret/transit/index.html#exportable) during key creation/generation.
Afterwards, you can use the key export API endpoint (https://www.vaultproject.io/api/secret/transit/index.html#export-key) to export the private key.

Cheers,
Michel

Thanks Michel. This is what I was looking for

Just to tag on to this, once the key is made exportable, this can not be reveresed.