PKI Secrets Engine for IoT certificates

I am able to start a single-pod deployment on Kubernetes, and after PKI Secrets Engine initialization I was able to generate certificates & revoke them.

But I didn’t get how I can:

  1. Get the list of revoked certificates?
  2. Get the certificate Serial Number from a certificate?

Appreciate any help on this.

Your CRL will contain your List of Revoked Certificates, I suppose? :grinning:

If you have a certificate saved as a file, you can use openssl to get the serial number.

e.g. openssl x509 -serial -noout < my-cert.pem

What’s the command I need to use to get the list of revoked certificates?

The following returns a binary DER-encoded CRL:
curl http://127.0.0.1:8200/v1/pki/crl/pemcurl

How do I get the serial no. from the binary DER-encoded CRL?

The HTTP API gives me:

/ # curl \
    --header "X-Vault-Token: s.rfvtgb6XV0nzn57uVRTsip3H2G" \
    http://127.0.0.1:8200/v1/pki/crl/rotate

{"errors":["permission denied"]}
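
For the question above about getting serial numbers out of the DER-encoded CRL, here is an added example (not from the thread and not Vault's own code): a standard-library Python parser that lists the revoked serials from a CRL in DER or PEM form, which goes slightly beyond the DER case asked about. The function names are hypothetical, the sample CRL is constructed (made-up issuer, serials and dummy signature), and the CRL signature is not verified.

```python
import base64

def read_tlv(buf, pos):  # -> (tag, value, next_pos) for the DER element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed element's contents into (tag, value) pairs
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def revoked_serials(crl):
    """Return [(serial, revocation_time)] from a DER or PEM CRL (RFC 5280 layout)."""
    if crl.lstrip().startswith(b"-----BEGIN X509 CRL-----"):
        lines = [l for l in crl.strip().splitlines() if not l.startswith(b"-----")]
        crl = base64.b64decode(b"".join(lines))
    tag, cert_list, _ = read_tlv(crl, 0)
    if tag != 0x30:
        raise ValueError("not a DER-encoded CertificateList")
    tbs = children(children(cert_list)[0][1])
    i = (1 if tbs[0][0] == 0x02 else 0) + 3  # skip version (optional), sigalg, issuer, thisUpdate
    if i < len(tbs) and tbs[i][0] in (0x17, 0x18):
        i += 1  # optional nextUpdate (UTCTime or GeneralizedTime)
    if i >= len(tbs) or tbs[i][0] != 0x30:
        return []  # revokedCertificates is omitted when nothing is revoked
    entries = []
    for _, entry in children(tbs[i][1]):
        (_, serial), (_, when) = children(entry)[:2]
        serial = serial.lstrip(b"\x00") or b"\x00"  # drop the DER sign-padding byte
        entries.append((serial.hex(":"), when.decode("ascii")))
    return entries

# Constructed sample CRL (made-up issuer, serials and signature) to exercise the parser.
def tlv(tag, body):
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x81, n])) + body

def sample_crl(serials=(b"\x17\x67\x16\x34", b"\x00\xa1\xb2\xc3\xd4")):
    t, alg = tlv(0x17, b"240101000000Z"), tlv(0x30, bytes.fromhex("06092a864886f70d01010b0500"))
    name = tlv(0x30, tlv(0x31, tlv(0x30, bytes.fromhex("0603550403") + tlv(0x0C, b"example CA"))))
    revoked = tlv(0x30, b"".join(tlv(0x30, tlv(0x02, s) + t) for s in serials))
    tbs = tlv(0x30, tlv(0x02, b"\x01") + alg + name + t + t + revoked)
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00\xde\xad\xbe\xef"))
```

Serials come back as colon-separated hex, so `revoked_serials(open("crl.der", "rb").read())` works on a saved CRL response (crl.der is a placeholder file name). With OpenSSL installed, `openssl crl -inform DER -noout -text -in crl.der` prints the same entries.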