You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Populate ca.crt from the vault issuing_ca field the Kubernetes secret created by VaultPKISecret if the target secret is of type kuberntes.io/tls. Many Kubernetes applications expect a CA to be located at that key and this would obviate the need for separate CA ConfigMaps or Secrets in many cases. This is especially useful because Vault works great as a cluster CA, but would also simplify the rollout of new trust anchors when the CA is updated or rotated.
The text was updated successfully, but these errors were encountered:
Populate
ca.crt
from the vaultissuing_ca
field the Kubernetes secret created byVaultPKISecret
if the target secret is of typekuberntes.io/tls
. Many Kubernetes applications expect a CA to be located at that key and this would obviate the need for separate CAConfigMaps
orSecrets
in many cases. This is especially useful because Vault works great as a cluster CA, but would also simplify the rollout of new trust anchors when the CA is updated or rotated.The text was updated successfully, but these errors were encountered: