Loading/Storing binary files as secrets

kgunjikar · March 30, 2021, 4:35pm

I generate some keys using the command below. The keyfile.enc is encoded in binary

openssl enc -aes-256-cbc -md sha1   -pass file:/tmp/keyfile.key \
                                          -in /tmp/keyfile \
                                          -out /tmp/keyfile.enc

I want to write the contents of this file as a secret in vault

cat keyfile.enc | vault kv put secret/mysecret key=-

However, when I use this secret in my mutating webhook config I have problems getting the contents of this secret.

Are there any limitations wrt binary files ?

kalafut · April 9, 2021, 6:24am

Are there any limitations wrt binary files ?

Yes. The CLI will be building a JSON body to send to the Vault API, so binary data must be encoded (typically with base64) before sending it to the Vault CLI.

kgunjikar · May 4, 2021, 5:38pm

Thank you . Good to know.

Topic		Replies	Views
How to store the content of binary file in Vault? Vault	6	15618	August 11, 2021
Download files in vault Vault	1	1847	March 2, 2021
Vault read to file Vault	2	3392	April 26, 2020
Loading secrets from a file into a kv-engine at startup Vault	2	245	November 9, 2022
Vault k8s injector load file to env Vault	1	320	August 4, 2020

Loading/Storing binary files as secrets

Related topics