TLS enabled vault certificate rotation automation

We installed TLS enabled vault via [this] (Vault Installation to Minikube via Helm with TLS enabled | Vault | HashiCorp Developer) method in our kubernetes cluster. The helm chart version we used is 0.19.0. Now the certificate will expire after some time, and we need to manually create new certificate and put it as secret so that Vault server can take it up.
Can we use any tool to automate the certificate rotation like cert-manager or anything. If yes can you share us some documentation which we can refer.

I’m not aware of any pre-packaged solution for this.

AFAIK you can set up cert-manager, but then you end up needing to write some custom automation of your own, to poke the server process with a SIGHUP when the certificate has changed on disk and needs to be reloaded.

Hey maxb,
Thanks for this approach with cert-manager. Is there any wiki that I can refer for this creating certificate and ca with cert manager. Reloading and automation part I will figure out later…