PENDING: this issue is flagged as NTH and depends on Hashcorp Vault support being added to commons secrets.
This issue can be closed once DJ supports Hashcorp Vault as a key manager provider. Using dsconfig it should be possible to configure a Hashcorp Vault key manager provider and use it for obtaining private keys used for TLS. The config framework should provide the following configurable properties:
- (TBC once commons secrets supports Hashcorp Vault)
- source code for the commons secrets key manager: https://stash.forgerock.org/projects/COMMONS/repos/forgerock-commons/browse/secrets/secrets-api/src/main/java/org/forgerock/secrets/SecretsKeyManager.java