I’ve been using StepCA in the GDC for a little while now, you can see how I set it up here. While StepCA was great I’ve decided to step away from it for a couple of reasons. StepCA was falling over way too often and I’d have to restart the container, then re-issue all the expired certs. I wanted to implement HashiCorp Vault for application secrets. Vault has PKI capability so it just made sense to consolidate the two.