Vault

Vault charmers
Security

Architecture:

Base version:

Channel	Revision	Published	Runs on
latest/edge	383	23 Aug 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	367	25 Jul 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	364	23 Jul 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	363	23 Jul 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	336	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	335	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	334	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	333	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	332	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	331	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	330	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	329	20 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	220	20 Jan 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	216	19 Jan 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	214	19 Jan 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	213	19 Jan 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	109	18 Apr 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	79	02 Aug 2022	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
1.8/stable	372	26 Jul 2024	Ubuntu 22.04
1.8/edge	164	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	162	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	161	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	159	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	157	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	156	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	155	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	154	09 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	140	07 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	138	04 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	135	04 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge	131	04 Aug 2023	Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.16/stable	387	12 Sep 2024	Ubuntu 22.04
1.16/candidate	387	12 Sep 2024	Ubuntu 22.04
1.16/beta	387	12 Sep 2024	Ubuntu 22.04
1.16/edge	391	09 Oct 2024	Ubuntu 22.04
1.15/stable	357	24 Jul 2024	Ubuntu 22.04
1.15/candidate	357	24 Jul 2024	Ubuntu 22.04
1.15/beta	357	24 Jul 2024	Ubuntu 22.04
1.15/edge	376	31 Jul 2024	Ubuntu 22.04
1.7/stable	371	26 Jul 2024	Ubuntu 22.04 Ubuntu 20.04
1.6/stable	369	26 Jul 2024	Ubuntu 20.04 Ubuntu 18.04
1.5/stable	370	26 Jul 2024	Ubuntu 20.04 Ubuntu 18.04

Learn to deploy on juju >

Platform:

24.04 23.10 23.04 22.10 22.04 20.04 18.04

Relevant links

Discuss this charm

Share your thoughts on this charm with the community on discourse.

Join the discussion

Use Vault as an intermediate CA

In this how-to guide, we will configure Vault to act as an intermediate Certificate Authority (CA) using Vault’s PKI secrets engine. Here self-signed-certificates will be the parent CA and tls-certificates-requirer will be the charm requesting a certificate to Vault.

The certificates issued by Vault will have a validity period that is half of its intermediate CA’s, which is determined by the root provider’s configuration, in this case, the self-signed certificates.

Configure Vault’s common name

Note: Vault PKI will only allow issuing certificates for the subdomains of the common_name configured here, it will reject any requests using differnt domains in their subject.

juju config vault common_name=mydomain.com

Deploy the parent CA

juju deploy self-signed-certificates

Integrate Vault with its parent CA

juju integrate vault:tls-certificates-pki self-signed-certificates

Deploy tls-certificates-requirer

juju deploy tls-certificates-requirer --config common_name=demo.mydomain.com

Integrate TLS Certificates Requirer with Vault

juju integrate tls-certificates-requirer vault:vault-pki

Retrieve the certificate

juju run tls-certificates-requirer/leader get-certificate

Help improve this document in the forum (guidelines). Last updated 29 days ago.