What protocol does Vault use for secure communication?

HashiCorp Vault utilizes HTTPS for secure communication. HTTPS, which stands for Hypertext Transfer Protocol Secure, extends HTTP by adding a layer of security through Transport Layer Security (TLS). This encryption ensures that the data transmitted between the client and the Vault server remains confidential and integral, protecting it from being intercepted or tampered with by malicious actors.

Using HTTPS is crucial for Vault, as it often handles sensitive information such as secrets, tokens, and various types of confidential data. The TLS encryption not only secures the information but also helps in authenticating the parties involved in the communication, thereby enhancing the overall security posture of systems leveraging Vault.

Other protocols mentioned do not provide the same level of security. FTP, for example, transmits data without encryption, making it vulnerable to eavesdropping. HTTP, while more widely used than FTP, also lacks the encryption that HTTPS provides, which exposes data to security risks. SSH, while a secure protocol, is generally used for secure shell access rather than for API communication like Vault employs. Thus, the choice of HTTPS aligns perfectly with Vault’s requirement for secure, reliable, and encrypted communications.