I was looking for ways to store encryption keys (SSL, pem, etc) files in Conjur, while I did not find much information on that yet, I ran into a couple of github links that talk about Conjur CA services.
Can you please take a look and suggest if there is a feature available for application-application auth using CA?
Also, looking for you your input on storing and retrieving the encryption keys and other files into Conjur.
For application-application authentication using CA, can you please take a look at this example
to see if itâs similar to what youâre trying to set up:
You should be able to store SSL, pem etc. files directly as variables in Conjur. To write certificate files using the Conjur CLI, you can cat the certificate file, e.g. something like this:
If you are using Summon to retrieve the certificates, you would likely want to have Summon retrieve the key/certificate into a local temp file using the file syntax in your secrets.yml file:
Sometimes there are issues in passing the multiline certificates, for example if youâre using .env files. If this is the case, you may want to base64 encode the values before loading into Conjur, and then base64 decode the values after reading back from Conjur. Using base64 encoding converts the multiline key/certificate into a convenient single line value (that can later be base64 decoded back to the original multiline value).