PKI workloads can be hosted in either the cloud or on-premises, each with its own advantages and disadvantages. Cloud-based PKI provides agility, ease of use, and reduced operational overhead, while self-managed PKI offers more options to customize and meet specific security and compliance requirements. HashiCorp's cloud PKI functionality resides in HashiCorp Cloud Platform (HCP) Vault, a fully managed implementation of Vault that allows organizations to get up and running quickly. With HCP Vault, organizations can secure, store, and tightly control access to tokens, passwords, certificates, and encryption keys within one unified cloud-based platform. Self-managed PKI environments also have their benefits, including the ability to customize and meet specific security and compliance requirements. Ultimately, both cloud-based and self-managed PKI solutions have their pros and cons, and organizations should consider their particular needs when choosing how and where to host their PKI environment.