Skip to content
/ ejbca-vault-pki-engine Public

EJBCA PKI Engine and Backend for HashiCorp Vault. Used to issue, sign, and revoke certificates using the EJBCA CA.

License

Apache-2.0 license
5 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Keyfactor/ejbca-vault-pki-engine

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits
.github
.github
 
 
cmd/ejbca-pki
cmd/ejbca-pki
 
 
docs
docs
 
 
docsource
docsource
 
 
.gitignore
.gitignore
 
 
.golangci.yml
.golangci.yml
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
backend.go
backend.go
 
 
backend_test.go
backend_test.go
 
 
ca_utils.go
ca_utils.go
 
 
certs_util.go
certs_util.go
 
 
client.go
client.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
integration-manifest.json
integration-manifest.json
 
 
key_helper.go
key_helper.go
 
 
path_config.go
path_config.go
 
 
path_config_test.go
path_config_test.go
 
 
path_fetch.go
path_fetch.go
 
 
path_fetch_test.go
path_fetch_test.go
 
 
path_issue_sign.go
path_issue_sign.go
 
 
path_issue_sign_test.go
path_issue_sign_test.go
 
 
path_revoke.go
path_revoke.go
 
 
path_revoke_test.go
path_revoke_test.go
 
 
path_role.go
path_role.go
 
 
path_role_test.go
path_role_test.go
 
 
secret_certs.go
secret_certs.go
 
 
storage.go
storage.go
 
 

Repository files navigation

EJBCA Vault PKI Secrets Engine

Integration Status: production Valid for EJBCA Community Valid for EJBCA Enterprise Go Report Card

Overview

The EJBCA PKI Secrets Engine for HashiCorp Vault enables DevOps teams to request and retrieve certificates from EJBCA using HashiCorp Vault, while security teams retain control over backend PKI operations.

The secrets engine is built on top of the EJBCA REST API and uses the EJBCA Go Client SDK for programmatic access. The EJBCA PKI Secrets Engine is a Vault plugin that replicates the built-in Vault PKI secrets engine, but processes requests through EJBCA instead of through Vault. The plugin was designed to be swapped for the built-in Vault PKI secrets engine with minimal changes to existing Vault configurations.

Requirements

To build

To use

Getting Started

To get started with EJBCA PKI Secrets Engine for HashiCorp Vault, see Getting Started.

Community Support

In the Keyfactor Community, we welcome contributions. Keyfactor Community software is open-source and community-supported, meaning that no SLA is applicable. Keyfactor will address issues as resources become available.

Commercial Support

Commercial support is available for EJBCA Enterprise.

License

For license information, see LICENSE.

Related Projects

See all Keyfactor EJBCA GitHub projects.

About

EJBCA PKI Engine and Backend for HashiCorp Vault. Used to issue, sign, and revoke certificates using the EJBCA CA.

Topics

hashicorp-vault ejbca secrets-engine keyfactor-api-client

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

5 stars

Watchers

5 watching

Forks

2 forks
Report repository

Releases 32

1.5.0 Latest
Jul 19, 2024
+ 31 releases

Contributors 2

Languages