luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Document agent injecting PKI CAs (#15930) 

* Document agent injecting PKI CAs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Remove extra empty-string conditional
This commit is contained in:
Alexander Scheel 2022-06-13 13:15:54 -04:00 committed by GitHub
parent 9ffa7ae257
commit 28916301c1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
website/content/docs/agent/template.mdx
View File

@ -64,6 +64,16 @@ through this function will be based on the certificate's expiration.
{{ pkiCert "pki/issue/my-domain-dot-com" "common_name=foo.example.com" }}
```
To fetch the issuing CA for this mount, use:
```
{{- with secret "pki/cert/ca" -}}
{{ .Data.certificate }}
{{- end -}}
```
Alternatively, `pki/cert/ca_chain` can be used to fetch the full CA chain.
## Global Configurations
The top level `template_config` block has the following configuration entries that affect