Is there any way I can register chef client node with my chef server without storing the client.pem on the node ?
Is a Vault integration possible here to manage the authorization OR any other methods ?
Not really, no. You can use chef-zero instead of a Chef server,
I'd like to understand more of the core concern about storing that key as it's standard practice to do so.
That pem is very limited in its scope, and can be further tuned to your organizations preference.
Chef zero removes the need for the client pem, but introduces a need to ensure cookbook and run list integrity.
-Mobile Galen
We are just looking to avoid storing the private key physically on the Chef node.
Chef Zero will not fit into the requirement as it is not for production use.