I am new to Vault, so I need direction.
I have current code that has Vault create a cert, which returns a privateKey, which is stored in memory and used to sign JWTs. If the app goes down, the privateKey is lost, etc. The documentation says that Vault doesn’t store privateKeys, so don’t lose it. I was wondering if I should just turn around and store the returned privateKey back into Vault, but I would need a security review on that one before I did it.
Compare this to Azure Key Vault (AKV): I can have Azure sign a hash for me and use that to build my signed JWT, or pull the privateKeys from AKV and sign myself.
Is there a similar service/plugin that HashiCorp Vault provides?
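
The "have the key service sign a hash, then build the JWT" flow described in the question, as an added example that is not part of the original post and is not Vault or AKV code. `makeDigestSigner` is a hypothetical local stand-in for a remote signing service: it generates a throwaway RSA key and only ever accepts a SHA-256 digest, so the calling code never holds the private key.

```javascript
const crypto = require('crypto');

// DER DigestInfo prefix for SHA-256, prepended before PKCS#1 v1.5 padding (RFC 8017).
const SHA256_DIGEST_INFO = Buffer.from('3031300d060960864801650304020105000420', 'hex');
const b64url = (data) => Buffer.from(data).toString('base64url');

// Hypothetical stand-in for a key service. The private key lives only inside
// this closure; callers get the public key and a sign-this-digest operation.
function makeDigestSigner() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return {
    publicKey,
    signDigest(digest) {
      if (!Buffer.isBuffer(digest) || digest.length !== 32) {
        throw new Error('expected a 32-byte SHA-256 digest');
      }
      // Raw RSA private-key operation with PKCS#1 v1.5 padding over DigestInfo || digest,
      // which is exactly an RS256 signature of the pre-hashed message.
      return crypto.privateEncrypt(
        { key: privateKey, padding: crypto.constants.RSA_PKCS1_PADDING },
        Buffer.concat([SHA256_DIGEST_INFO, digest]));
    },
  };
}

// Application side: assemble header.payload, hash it locally, send only the hash out.
function buildJwt(claims, signer, kid) {
  const header = { alg: 'RS256', typ: 'JWT', kid };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const digest = crypto.createHash('sha256').update(signingInput).digest();
  return `${signingInput}.${b64url(signer.signDigest(digest))}`;
}

// Verifier side: needs only the public key; the algorithm is pinned, not taken on trust.
function verifyJwt(token, publicKey) {
  const parts = token.split('.');
  if (parts.length !== 3) return false;
  const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
  if (header.alg !== 'RS256') return false;
  return crypto.verify('RSA-SHA256', Buffer.from(`${parts[0]}.${parts[1]}`),
    publicKey, Buffer.from(parts[2], 'base64url'));
}
```

Because the signer keeps the key across application restarts in this model, losing the application's memory no longer loses the signing key.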