Hello, I am using in one of my project the PKI engine from vault. I have setup CA and subCA, although made a mistake while configuring it. When i configued subCA I didnt backup the private key. I only have PK for root CA. Our security requirement is to backup all private keys. My question is how to retrieve the private key from Vault?
I would like to avoid regenerating subCA.
Worst case if I cant do that how do I generate private key while writing the subCA using command
vault
write
-field
=csr /intermediate/generate/internal \
common_name=
"xo.com"
\
country=
"US"
\
province=
"California"
\
locality=
"x"
\
organization=
"z"
\
ou=
"VMC"
\
key_type=
"ec"
\
key_bits=384\
private_key_format=
"pem"
\
exclude_cn_from_sans=true \
>1.csr