Questions about Hashicorp's Vault tool for managing secrets
Questions tagged [vault]
39 questions
1
vote
1 answer
OCSP setup for Vault
I have vault setup running in container for PKI Secrets Engine and would like to add OCSP support for application to check if certificate is not revoked. I didn’t find any explanation on how to setup OCSP for vault also not clear information in any…
![](../../users/profiles/239421.webp)
roy
- 119
- 1
- 2
- 12
1
vote
0 answers
Vault invalid certificate or no client certificate supplied - cert auth method
I have created a CA in Vault to handle my certificate creation. I've followed this guide here: https://learn.hashicorp.com/vault/secrets-management/sm-pki-engine
I am trying to generate a client certificate using the pki secrets engine in Vault and…
![](../../users/profiles/578649.webp)
Charles Wood
- 11
- 1
1
vote
0 answers
How to store Vault audit logs when running vault in a Docker container
I'm researching the various audit devices for Hashicorp Vault. My goal is to run Vault in a Docker environment (currently Docker Swarm). The File method is fairly straightforward, but I'm also interested in syslog. Has anyone successfully used the…
![](../../users/profiles/312516.webp)
wsams
- 121
- 4
0
votes
1 answer
Trying to deploy vault:1.2.4 in kubernetes
I have been trying to bring up a Vault pod in K8!, I am using vault:1.2.4
and I have added the capability and config in the yaml as mentioned in the official docker page of vault
But still, I always get the error:
Error loading configuration from…
![](../../users/profiles/185154.webp)
Ani
- 32
- 12
0
votes
2 answers
vault init hangs on kubernetes
I'm trying to set up an autosealing vault cluster in kubernetes but I'm seeing some strange behaviour.
I have one vault providing the transit secret to autounseal the second vault . They are running in the same k8s cluster in separate namespaces.…
![](../../users/profiles/527582.webp)
Javier PR
- 101
- 2
0
votes
1 answer
How to Use Azure Key Vault w/ Web App
I have an Azure Web App for a client project. The project also requires Azure SQL Databases and Blob Storage. All pieces mentioned are up and running but we've been told we can't have any password stored in the web.config or in the azure portal…
![](../../users/profiles/276604.webp)
jrd1989
- 628
- 10
- 35
0
votes
1 answer
Consul, vault and postgres containers don't communicate
I'm trying to set up Consul with Vault for secrets management for Postgres with Docker. Here is my configuration
Dokcerfile:
FROM python:3.6-slim
ENV VAULT_VERSION 0.11.1
ENV CONSUL_VERSION 1.2.3
RUN apt-get update \
&& apt-get install -y \
…
![](../../users/profiles/440577.webp)
kebie
- 141
- 1
- 1
- 6
0
votes
0 answers
Secure access to bitbucket with hashicorp vault
Hashicorp vault helps us setup safe ssh access via certificates, but sometimes we can't setup certificate access on the host as is the case with bitbucket.
What's the best alternative in this case ? Alternatives I can think of are: saving the…
![](../../users/profiles/981731.webp)
ed__
- 1
0
votes
0 answers
How do I edit a managed (hashicorp.cloud) HashiCorp Vault configuration file?
I'm testing out HashiCorp Vault using their developer tier managed offering while I'm figuring things out. The public URL looks kind of like this: https://vault-cluster-public-vault-00000000.00000000.yy.hashicorp.cloud:8200
This might be a…
![](../../users/profiles/284873.webp)
André Christoffer Andersen
- 191
- 1
- 11
0
votes
1 answer
Login to HashiCorp Vault with Kubernetes Auth from Pod with Vault CLI
TL;DR: What is the proper way to login from Vault CLI in a Kubernetes Pod using the Kubernetes Auth Method.
I want to create regular snapshots from my HashiCorp Vault raft storage. So I created a Kubernetes CronJob running the same image as my Vault…
![](../../users/profiles/976749.webp)
Max N.
- 101
- 1
0
votes
1 answer
Hashicorp Vault How Do I Login Headless From STDIN Using Bash Shell?
Given a Bash Shell say in a Docker container running on Gitlab, for example, how would I get the password to get passed in?
When I login with this:
$ vault login -method=ldap username=myusername
It asks me for a password.
How do I get the prompt…
![](../../users/profiles/447613.webp)
Frederick Ollinger
- 193
- 1
- 8
0
votes
0 answers
Apache 2.4 Forward proxy TLS connection refused
I am trying to run hashicorp vault server in a Docker container behind an Apache Forward Proxy (httpd v2.4; running in a container for testing purposes). Vault is set to use AWS KMS for Autounseal. However, vault gives the following error. No log…
![](../../users/profiles/339284.webp)
Wanderer
- 121
- 6
0
votes
0 answers
How to re-use vault files in different Ansible Tower projects?
I have an Ansible Tower installation and a lot of playbooks in Gitlab projects. Several projects make use of vault files, i.e. they contain credentials for a VMware VCenter.
Whenever I start a new project/playbook, I keep making copies of vault…
![](../../users/profiles/959314.webp)
bornheim
- 1
0
votes
2 answers
Oracle Cloud Native Environment setup with Vault faild on validating host names in certificate
I'm setting up OLCNE environment with Hashicorp Vault PKI, I successfully install agent, setup vault, certificates was generated but during module createion I have error that host name not match certificates. What I'm doing wrong? Inspecting…
![](../../users/profiles/196534.webp)
Adam Wyżgoł
- 101
- 2
0
votes
1 answer
Is HashiCorp Vault the correct tool to store users sensitive information
Is Vault the correct tool to store sensitive information about users, eg. theirs pay rate or personal id?
"Normal" employee/user must only have access to his own data but the users with accountancy role must have access to everyone data. Users are…
![](../../users/profiles/865211.webp)
Bonana
- 1