Migration old CA to Vault

rvojcik · April 15, 2021, 10:21am

Hi everyone.

I have plan to migrate our old VPN and WIFI CA to Vault. I’m doing some test and so far it’s looking very promissing.

I found a vay to import old CA to vault, so I’m able to issuing new certificates and so.

I’m stuck on 2 things now

Is there any possibility to import old CRL also ?
I have few VPN revoked clients and I’d like to import old CRL to vault
Is it possible to import old certificates to PKI ?
Certificates which are already issued and works if I would like to revoke some of them (someone leave the company) I can’t because the are not in cert storage in PKI engine.

Is there anything how to solve this ?

I know best solution is to create new CA but it’s impossible task right now.

Topic		Replies	Views
How to import existing CA and use it as a CA? Vault	1	1931	February 17, 2023
How can I fetch CRL for revoked certificate under externally imported CA in vault Vault	0	15	November 5, 2024
How to move Vault into his own intermediate? Vault	3	1470	March 11, 2021
Moving pki engine to another vault cluster Vault	5	1743	October 18, 2021
PKI storage revoke slowly Vault	0	210	June 2, 2021