Hi @vmaddirala ,
For application-application authentication using CA, can you please take a look at this example
to see if it’s similar to what you’re trying to set up:
You should be able to store SSL, pem etc. files directly as variables in Conjur. To write certificate files using the Conjur CLI, you can cat the certificate file, e.g. something like this:
conjur variable values add ssl/certs/private "$(cat example_com.key)"
If you are using Summon to retrieve the certificates, you would likely want to have Summon retrieve the key/certificate into a local temp file using the
file syntax in your
SSL_CERT: !var:file ssl/certs/private
as described here
Sometimes there are issues in passing the multiline certificates, for example if you’re using
.env files. If this is the case, you may want to base64 encode the values before loading into Conjur, and then base64 decode the values after reading back from Conjur. Using base64 encoding converts the multiline key/certificate into a convenient single line value (that can later be base64 decoded back to the original multiline value).
Hope this helps,