Will HashiCorp provide a client certificate truststore for an API

Hello guys,

Following is my requirement:
Our API application should use mutual TLS, which will allow only API calls made using trusted certificates.
To accomplish this, I’m looking for a trust store, where I’ll add all of my client certificates to it.
Can you please let me know if HashiCorp Vault has that truststore feature, where I could verify whether a client certificate is already trusted or not?

Thank you in advance.

Regards,
Varun

Did you ever find your answer?

Why would you want to store client certs in a truststore when it’s not necessary?

I am searching for a similar thing… the configuration of OIDC rejects the cert of my IDP, because it is signed by another CA than Vault itself. Any hints how to achieve this?

Update: Never mind, I found the parameter oidc_discovery_ca_pem