Company
Date Published
Author
Nicolas Ehrman
Word count
2008
Language
English
Hacker News points
None

Summary

The management of TLS certificates is a major issue for companies, especially in cloud environments. The current process of requesting certificates manually can lead to unsustainably long validity periods. To automate this process, HashiCorp Vault and Jetstack cert-manager are used to create and manage the lifecycle of TLS certificates in a Kubernetes environment. The workflow involves deploying a Vault server as the root PKI and intermediate CA, and integrating it with Jetstack cert-manager, which watches for certificate changes and requests new certificates from Vault when necessary. Terraform is used to automate the deployment and configuration of the components, using the Helm, Kubernetes, and Vault providers. The demo uses a Java application and a Kubernetes cluster, and the process is repeated to deploy the application with a TLS ingress route configured and validated by the PKI-as-a-service (PKIaaS).