I’m wondering if anyone has any experience with using Vault’s PKI in conjunction with EST (Enrollment over Secure Transport) or SCEP ( Simple Certificate Enrollment Protocol).
I’d like to have IoT devices be able to acquire certificates using one of these protocols, but I haven’t been able to find any examples of using Vault as the PKI. Does anyone have any experience/references for this?
Request: Developer-tier SCEP support in Vault for testing use cases
Many infrastructure teams need to validate SCEP workflows during development, but current Vault SCEP support requires an Enterprise license. It would be valuable to have a small developer-tier or evaluation-friendly option — e.g., a low certificate issuance ceiling — to allow testing and client integration before engaging with Enterprise licensing.
This would help more teams adopt Vault as a CA backend for device onboarding, network gear, and provisioning workflows without immediately entering an enterprise licensing cycle just to validate the flow.
Is this something the team could consider?