vault-pki

$npx mdskill add automateyournetwork/netclaw/vault-pki

Manages HashiCorp Vault PKI certificate infrastructure

  • Enables certificate lifecycle management for PKI infrastructure
  • Uses Vault PKI API and vault-mcp server for secure access
  • Executes commands based on user queries about issuers, roles, and certificates
  • Returns structured outputs for certificate actions and configurations
SKILL.md
.github/skills/vault-pkiView on GitHub ↗
---
name: vault-pki
description: "Manage HashiCorp Vault PKI certificate infrastructure."
version: 1.0.0
license: Apache-2.0
author: netclaw
tags: []
---

# Vault PKI Skill

Manage HashiCorp Vault PKI certificate infrastructure.

## Tools

| Tool | Description |
|------|-------------|
| `enable_pki` | Enable PKI secrets engine at a path |
| `create_pki_issuer` | Create a CA certificate issuer |
| `list_pki_issuers` | List configured issuers |
| `get_pki_issuer` | Get issuer details |
| `create_pki_role` | Create certificate issuing role |
| `list_pki_roles` | List PKI roles |
| `get_pki_role` | Get role configuration |
| `issue_certificate` | Issue certificate from role |
| `list_certificates` | List issued certificates |
| `revoke_certificate` | Revoke a certificate |

## Example Queries

```
List PKI roles in the network-pki engine

Issue a certificate for router-mgmt.example.com

Create a PKI role for network device certificates

Show issuers in the pki/network path
```

## Prerequisites

- `VAULT_ADDR` Vault server address
- `VAULT_TOKEN` Token with PKI management policy
- Optional: `VAULT_NAMESPACE` for Vault Enterprise

## Server

This skill uses the `vault-mcp` server which connects to Vault PKI API.
More from automateyournetwork/netclaw