Hello,
We have Vault 1.15.5 installed and would like to use the TLS certificates auth method.
Internally our CA platform is Microsoft AD. Can this be used with certificates issued by the Microsoft CA platform without having Vault configured as an Intermediate CA of Microsoft AD?
The documentation is a little confusing: TLS Certificates - Auth Methods | Vault | HashiCorp Developer
It states: "This engine can use external X.509 certificates as part of TLS or signature validation."
A couple of lines below, it says: "This method cannot read trusted certificates from an external source."
How can this work if it can’t read trusted certificates from an external source? In my case, Microsoft CA is external to Vault. Or is it meant for sources external to the organisation?
How should we implement such a solution?
Best regards,
David