To encrypt your secret with the transit secrets engine, you must send the Base32-encoded plaintext to Vault.
To encrypt your secret with the transit secrets engine, you must send the Base32-encoded plaintext to Vault.
To encrypt your secret with the transit secrets engine in Vault, you must send the Base64-encoded plaintext. This requirement ensures that the data can be safely transported as part of a JSON payload, even if the plaintext is a binary file such as a PDF or image.
False, it must be Base64.
B https://developer.hashicorp.com/vault/docs/secrets/transit Section Usage NOTE: All plaintext data must be base64-encoded. The reason for this requirement is that Vault does not require that the plaintext is "text". It could be a binary file such as a PDF or image. The easiest safe transport mechanism for this data as part of a JSON payload is to base64-encode it.