sethvargo/vault-secrets-gen

internal error 500

dunkelbunt1 opened this issue · 3 comments

I am currently experiencing the following issue and I am wondering if someone could help me out:
vault version v1.2.3

vault write genenerate/password length=36 symbols=0
Error writing data to gen/password: Error making API request.

URL: PUT https://127.0.0.1:8200/v1/gen/password
Code: 500. Errors:

  • 1 error occurred:
    * internal error

Hi @dunkelbunt1

Thank you for opening an issue. I just tested with Vault 1.2.3 and version v0.0.4 of this plugin (latest release) and cannot reproduce this issue.

Can you run your vault server with --log-level debug and share any output from the Vault server when this error occurs?

The issue was caused by an invalid tls certificate.

See below for the output of the log:
[ERROR] secrets.secrets-gen.secrets-gen_4f489714.secrets-gen.vault-secrets-gen: plugin tls init: error="error during token unwrap request: Put https://active.vault.service.test.devconsul:8200/v1/sys/wrapping/unwrap: x509: certificate is valid for vault.service.devconsul, localhost, active.vault.service.devconsul, standby.vault.service.devconsul, not active.vault.service.test.devconsul"
[DEBUG] secrets.secrets-gen.secrets-gen_4f489714.secrets-gen: plugin process exited: path=/home/vault/plugins/vault-secrets-gen pid=55577
[ERROR] rollback: error rolling back: path=gen/ error="Unrecognized remote plugin

After disabling TLS, it was working.

You can disable TLS by adding the following parameters.

listener "tcp" {
address = "0.0.0.0:8200"
tls_key_file = "/etc/vault.d/tls/vault-server.key"
tls_cert_file = "/etc/vault.d/tls/vault-server.pem"
tls_disable_client_certs = true
tls_disable = "true"
}