Comments (5)
Can't reproduce with dev config. Looks like problem with persistent store.
from vault-pki-backend-venafi.
@carlskii are you still able to reproduce this issue? I was able to earlier but I can't any longer, even using Vault 1.2.3 and the 0.5.1 version of this secrets engine plugin. We have seen cases where having both store_by_cn and store_by_serial set to true sometimes causes storage of the certificate to fail as you've described. Because of that I'm probably going to update the README so that we're only setting one or the other in the examples and to caution that you should set only one to true.
from vault-pki-backend-venafi.
Issue could not be reproduced.
from vault-pki-backend-venafi.
Got the same issue but not easily reproducible.
Tried with MacOS on a Dev environment and the cert list wasn't returning. Destroyed that environment and recreated and was able to retrieve the cert list following the same steps.
Tried also on an Amazon Linux environment that has persistence with Consul. Cert list wasn't returning. I can share access to this environment for further testing if needed @tr1ck3r @arykalin
from vault-pki-backend-venafi.
Trying to reproduce but hitting a different issue in my environment. Monitor is locking up TPP API.
from vault-pki-backend-venafi.
Related Issues (20)
- Venafi role is missing allow_glob_domains feature HOT 3
- code:500. Error (Internal Error) HOT 4
- Venafi + Vault Health Checks
- Update go-plugin & Vault SDK to latest versions in order to support autoMTLS HOT 3
- golang version used for each release HOT 2
- Unable to obtain Certificate from MS ADCS with Validity < 24h
- Venafi PKI role allowed_domains parameter not being enforced HOT 1
- Wrong cert bundle and key returned in certain conditions HOT 3
- Add Certificate Format option for PKCS#12 HOT 2
- Support JWT as an authentication method
- Allow providing a nickname in certificate requests
- Chain in response to certificate requests differs from the native Vault PKI secrets engine HOT 1
- Error handling when trust_bundle_file is not specified HOT 8
- CA_Chain Property added to GET request
- Certificate TTL and Private Key Storage Question HOT 1
- Error writing data to Venafi secret venafi-pki/venafi/tpp: Error making API request. HOT 3
- Using store_by=cn setting of the PKI roles returns invalid cert bundles HOT 5
- Need explanation of error messages HOT 1
- Mismatched Keys on Certificate in Vault HOT 4
- service_generated_cert stores the private key in vault as encrypted HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vault-pki-backend-venafi.