Hey,
in the documentation of vault and juju there are two ways of using vault one is to use it as a CA the other is to use it like an intermediate to a CA like let’s encrypt.
For my understanding, the second way is only possible if you generate a new certificate request with vault, have it signed and hand it back to vault again.
But what do you do if you already got a signed SSL cert for a domain, like from an early deployment or whatever.
I would like to have suggestions to issue that certificates to all charms that have like os-public-hostname=domain.bla.com
Maybe I don’t get the full picture or so or my understanding is not right.
Help is really appreciated.