Demo using Vault as a private CA for mutual TLS auth

lewis-od/vault-mtls

Mutual TLS Demo

Running in Docker

./setup-vault.sh docker

This runs Vault in Docker and sets it up as a CA using Terraform.

Then:

./gen-certs.sh docker

This generates TLS certificates for the client and server, and downloads the CA's root certificate.

Finally:

docker-compose up --build

This builds the client and server applications, then runs them in Docker.

The client calls an HTTPS endpoint on the server every second, with Vault acting as the root certificate authority.

Running natively

To run natively on your machine, run the first two commands above, but without the docker argument.

In one terminal window, run:

cd server
go run main.go

to start the server. Then start the client in another terminal window with:

cd client
MTLS_SERVER=https://localhost:8443 go run main.go

ToDo

  • Implement mutual TLS (currently only one-way)
  • Add an intermediate CA
  • Deploy in k8s
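
For the first ToDo item, this is an added sketch (not code from this repository) of a Go server that requires a client certificate issued by the same CA, listening on port 8443 as in the native run above. The function names `caPool`, `mutualServerConfig` and `must`, and the three file arguments, are assumptions; pass whichever files gen-certs.sh wrote.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"log"
	"net/http"
	"os"
)

// caPool parses the CA root certificate (PEM) downloaded from Vault.
func caPool(caPEM []byte) (*x509.CertPool, error) {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(caPEM) {
		return nil, fmt.Errorf("no certificate found in CA PEM")
	}
	return pool, nil
}

// mutualServerConfig demands a client cert chaining to pool; a zero ClientAuth means one-way TLS.
func mutualServerConfig(pool *x509.CertPool, cert tls.Certificate) *tls.Config {
	return &tls.Config{
		MinVersion:   tls.VersionTLS12,
		Certificates: []tls.Certificate{cert},
		ClientCAs:    pool,
		ClientAuth:   tls.RequireAndVerifyClientCert,
	}
}

// must (hypothetical helper) stops the program on any setup error.
func must[T any](v T, err error) T {
	if err != nil {
		log.Fatal(err)
	}
	return v
}

func main() {
	if len(os.Args) != 4 { // file names are assumptions, not taken from the repo
		log.Fatal("usage: server <ca.pem> <server-cert.pem> <server-key.pem>")
	}
	pool := must(caPool(must(os.ReadFile(os.Args[1]))))
	cert := must(tls.LoadX509KeyPair(os.Args[2], os.Args[3]))
	srv := &http.Server{Addr: ":8443", TLSConfig: mutualServerConfig(pool, cert)}
	srv.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "hello", r.TLS.PeerCertificates[0].Subject.CommonName) // set: handshake verified it
	})
	log.Fatal(srv.ListenAndServeTLS("", "")) // cert and key come from TLSConfig
}
```

The client side of the change is to load its own key pair into `Certificates` on its `tls.Config`, alongside the CA pool in `RootCAs`; without it the handshake against this server fails.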
