Vault-Agent: generate dependent files (certificates) with templates?

paul.puschmann · November 15, 2022, 10:34am

Hi,

is it possible to configure templates with vault-agent to depend on each other?

Idea: generate key + certificate for some webserver, in separate files.
certificate is belonging to the current key-file.

A current experiment shows that the certificate isn’t signed by the correct key.

How could I solve this?

paul.puschmann · November 15, 2022, 11:05am

Okay, of course I now solved this on my own

I just found out the metadata of the requested secrets has to be identical.

The two template-files should just differ in the output-blocks:

.Data.private_key vs. .Data.certificate

Topic		Replies	Views
Vault Agent template Vault	0	359	March 2, 2020
Temp files created when using templates for certificates in vault agent Vault consul-template , vault	0	238	June 26, 2023
Vault agent to renew cert Vault	13	1311	March 5, 2024
Vault agent - Deploy TLS certificate and key and restart service only once Vault	4	599	February 8, 2022
Vault Process supervisor and template stanza Vault	1	198	July 8, 2023