Vault

JFrog Platform Administration Documentation

Content Type
Administration / Platform
ft:sourceType
Paligo

Subscription Information

This feature is supported with Enterprise X and Enterprise+ licenses.

The JFrog Platform integration with HashiCorp Vault enables you to configure an external vault connector to use as a centralized secret management tool for the keys used to sign packages. The JFrog Platform integration with vault supports multiple signing key types, such as GPG or RSA used to sign packages or release bundles. This allows you to store JFrog Platform signing keys that are used for packages authentication in several formats such as Debian, Opkg and YUM or signing JFrog Distribution Release Bundles.

WebUI Changes implemented in Artifactory 7.38.x and above

Security is now called Authentication Providers. All the relevant text and images on this page have been updated to reflect this change.

Vault integration provides you with capabilities such as:

  • Generate and manage the keys used to sign packages in a centralized tool if you have established security and compliance policies in your organization.

  • Rotate keys regularly, such as on a monthly or quarterly basis.

  • Maintain multiple secrets through a vault.

Note

The HashiCorp Vault integration does not support HCP Vault.