Questions tagged [vault]

Questions about HashiCorp's Vault tool for managing secrets

39 questions
1 vote, 1 answer

OCSP setup for Vault

I have a Vault setup running in a container for the PKI Secrets Engine and would like to add OCSP support for applications to check that a certificate is not revoked. I didn't find any explanation of how to set up OCSP for Vault, nor clear information in any…
roy
1 vote, 0 answers

Vault invalid certificate or no client certificate supplied - cert auth method

I have created a CA in Vault to handle my certificate creation. I've followed this guide here: https://learn.hashicorp.com/vault/secrets-management/sm-pki-engine I am trying to generate a client certificate using the pki secrets engine in Vault and…
1 vote, 0 answers

How to store Vault audit logs when running vault in a Docker container

I'm researching the various audit devices for Hashicorp Vault. My goal is to run Vault in a Docker environment (currently Docker Swarm). The File method is fairly straightforward, but I'm also interested in syslog. Has anyone successfully used the…
wsams
0 votes, 1 answer

Trying to deploy vault:1.2.4 in kubernetes

I have been trying to bring up a Vault pod in K8s. I am using vault:1.2.4 and I have added the capability and config in the YAML as mentioned on the official Docker page of Vault. But still, I always get the error: Error loading configuration from…
Ani
0 votes, 2 answers

vault init hangs on kubernetes

I'm trying to set up an autosealing Vault cluster in Kubernetes but I'm seeing some strange behaviour. I have one Vault providing the transit secret to auto-unseal the second Vault. They are running in the same k8s cluster in separate namespaces.…
Javier PR
0 votes, 1 answer

How to Use Azure Key Vault w/ Web App

I have an Azure Web App for a client project. The project also requires Azure SQL Databases and Blob Storage. All pieces mentioned are up and running but we've been told we can't have any password stored in the web.config or in the azure portal…
jrd1989
0 votes, 1 answer

Consul, vault and postgres containers don't communicate

I'm trying to set up Consul with Vault for secrets management for Postgres with Docker. Here is my configuration. Dockerfile: FROM python:3.6-slim ENV VAULT_VERSION 0.11.1 ENV CONSUL_VERSION 1.2.3 RUN apt-get update \ && apt-get install -y \ …
kebie
0 votes, 0 answers

Secure access to Bitbucket with HashiCorp Vault

HashiCorp Vault helps us set up safe SSH access via certificates, but sometimes we can't set up certificate access on the host, as is the case with Bitbucket. What's the best alternative in this case? Alternatives I can think of are: saving the…
ed__
0 votes, 0 answers

How do I edit a managed (hashicorp.cloud) HashiCorp Vault configuration file?

I'm testing out HashiCorp Vault using their developer tier managed offering while I'm figuring things out. The public URL looks kind of like this: https://vault-cluster-public-vault-00000000.00000000.yy.hashicorp.cloud:8200 This might be a…
0 votes, 1 answer

Login to HashiCorp Vault with Kubernetes Auth from Pod with Vault CLI

TL;DR: What is the proper way to log in from the Vault CLI in a Kubernetes Pod using the Kubernetes Auth Method? I want to create regular snapshots from my HashiCorp Vault raft storage. So I created a Kubernetes CronJob running the same image as my Vault…
Max N.
0 votes, 1 answer

Hashicorp Vault How Do I Login Headless From STDIN Using Bash Shell?

Given a Bash shell, say in a Docker container running on GitLab, for example, how would I get the password passed in? When I log in with this: $ vault login -method=ldap username=myusername It asks me for a password. How do I get the prompt…
0 votes, 0 answers

Apache 2.4 Forward proxy TLS connection refused

I am trying to run HashiCorp Vault server in a Docker container behind an Apache forward proxy (httpd v2.4; running in a container for testing purposes). Vault is set to use AWS KMS for auto-unseal. However, Vault gives the following error. No log…
Wanderer
0 votes, 0 answers

How to re-use vault files in different Ansible Tower projects?

I have an Ansible Tower installation and a lot of playbooks in GitLab projects. Several projects make use of vault files, i.e. they contain credentials for a VMware vCenter. Whenever I start a new project/playbook, I keep making copies of vault…
0 votes, 2 answers

Oracle Cloud Native Environment setup with Vault failed on validating host names in certificate

I'm setting up an OLCNE environment with HashiCorp Vault PKI. I successfully installed the agent and set up Vault, and the certificates were generated, but during module creation I get an error that the host name does not match the certificates. What am I doing wrong? Inspecting…
0 votes, 1 answer

Is HashiCorp Vault the correct tool to store users' sensitive information

Is Vault the correct tool to store sensitive information about users, e.g. their pay rate or personal ID? A "normal" employee/user must only have access to his own data, but users with the accountancy role must have access to everyone's data. Users are…
Bonana