Searching for Certificates by Attributes in HashiCorp Vault

Hello everyone,

I’ve been using HashiCorp Vault for managing my certificates, and overall, it has been a great experience. However, I’ve run into a bit of a snag when it comes to searching for certificates based on their attributes, e.g., common name.

Currently, the only way I’ve found to search for a certificate within Vault is by using its Serial Number. While this works, it becomes quite cumbersome when dealing with a large number of certificates. It involves manually checking each certificate, which isn’t efficient, especially when you have dozens of certificates to manage.

I was wondering if anyone has found a better way to search for certificates within HashiCorp Vault? Specifically, I’m looking for a method to search by attributes like the common name or any other identifier associated with the certificate. Having the ability to search by attributes would greatly streamline certificate management tasks and improve overall efficiency.

If anyone has any insights, tips, or workarounds they’ve discovered, I’d greatly appreciate hearing about them. Additionally, if there are any features or improvements planned in future releases of Vault that address this issue, I’d love to learn more about them.

Thank you in advance for any assistance you can provide!

Best regards,
Luciano Sampaio

While I wasn’t doing this with Vault, in a previous role I had a step at the end of the process to write information about the certificate to an external database/inventory system. I do not have any insight into whether this is planned, but it may be worth opening a feature request in the Vault GitHub repository.
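
The inventory approach described in the reply above, sketched as an added example that is not part of either post and is not Vault's own code. The table layout, function names and sample response are assumptions; the sample is constructed and shaped like the `data` object returned by Vault's PKI issue endpoint.

```python
import json
import sqlite3

# Constructed sample shaped like the JSON returned when issuing a certificate
# from a Vault PKI mount. Serial and expiration are made up; PEM bodies elided.
SAMPLE_ISSUE_RESPONSE = json.dumps({"data": {
    "certificate": "-----BEGIN CERTIFICATE-----\n(constructed)\n-----END CERTIFICATE-----",
    "private_key": "-----BEGIN RSA PRIVATE KEY-----\n(constructed)\n-----END RSA PRIVATE KEY-----",
    "serial_number": "39:dd:2e:90:b7:23:1f:8d",
    "expiration": 1767225600,
}})

def open_inventory(path=":memory:"):
    """Create (or open) the hypothetical inventory table, indexed by common name."""
    db = sqlite3.connect(path)
    db.execute("""CREATE TABLE IF NOT EXISTS certs (
        serial      TEXT PRIMARY KEY,
        common_name TEXT NOT NULL,
        mount       TEXT NOT NULL,
        expires_at  INTEGER NOT NULL)""")
    db.execute("CREATE INDEX IF NOT EXISTS idx_cn ON certs(common_name)")
    return db

def record_issued(db, mount, common_name, response_json):
    """Run as the last step of issuance: store public metadata only."""
    data = json.loads(response_json)["data"]
    # The private key is deliberately never copied into the inventory.
    db.execute("INSERT OR REPLACE INTO certs VALUES (?, ?, ?, ?)",
               (data["serial_number"], common_name.lower(), mount,
                int(data["expiration"])))
    db.commit()
    return data["serial_number"]

def find_by_common_name(db, pattern):
    """Look up serials by common name; pattern uses SQL LIKE wildcards (% and _)."""
    rows = db.execute(
        "SELECT serial, common_name, mount, expires_at FROM certs "
        "WHERE common_name LIKE ? ORDER BY expires_at", (pattern.lower(),))
    return rows.fetchall()

def expiring_before(db, unix_ts):
    """Serials whose certificates expire before the given Unix timestamp."""
    rows = db.execute("SELECT serial FROM certs WHERE expires_at < ? "
                      "ORDER BY expires_at", (unix_ts,))
    return [r[0] for r in rows]
```

A serial returned by `find_by_common_name` can then be used for the serial-number lookup the original post describes.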