Since a cert-based keypair contains a public key that chef-vault could extract, chef-vault should.
Chef Manage, for example, can extract the public key from the cert stored in the database users table and display it. https://github.com/chef/chef-manage/blob/master/src/chef-manage/lib/certificate_parser.rb#L10
Chef Server also handles both types of identity https://github.com/chef/chef-server/blob/608dbe94d15822a31849952e13549744fc40a702/src/oc_erchef/apps/chef_objects/src/chef_key_base.erl#L147-L171
Otherwise, customers are forced to regenerate new-style public/private keypairs for potentially lots of users. It causes unnecessary disruption in operations.
Since a cert-based keypair contains a public key that chef-vault could extract, chef-vault should.
Chef Manage, for example, can extract the public key from the cert stored in the database users table and display it. https://github.com/chef/chef-manage/blob/master/src/chef-manage/lib/certificate_parser.rb#L10
Chef Server also handles both types of identity https://github.com/chef/chef-server/blob/608dbe94d15822a31849952e13549744fc40a702/src/oc_erchef/apps/chef_objects/src/chef_key_base.erl#L147-L171
Otherwise, customers are forced to regenerate new-style public/private keypairs for potentially lots of users. It causes unnecessary disruption in operations.