sigstore / fulcio

Sigstore OIDC PKI
Apache License 2.0

Support Vault as CA #277

Closed nsmith5 closed 2 years ago

nsmith5 commented 2 years ago

Description

Would be cool if Fulcio could use Vault as its CA, I think. It's already used in a lot of places to host internal certificate authorities, and I can imagine a lot of operators (looks sideways at my own homelab) that would like to use this as the CA backend for Fulcio. Allows for horizontal scaling without using Google Cloud (SoftHSM doesn't allow for this, right?)

haydentherapper commented 2 years ago

This is now supported with the KMS-backed signing CA - You can specify a Vault key path.