I am doing a little analysis on one of the ask where we would like to launch the vault by using the custom cert(mainly the private key that is passphrase protected). As of today during the vault unsealing flow it asks me to enter the passphrase on the command line/terminal which is a manual intervention activity.
I would like to make this automatic in nature meaning when the vault has started initializing I want to pass the passphrase to the private key through which it kind of decrypts/authenticates and performs the unseal without any human entering any inputs.
I would like to know if this is achievable and any approach recommended would be beneficial.
Appreciate if some ideas/thoughts are dropped here which can help me to think in those directions.