Script failing on NEWPASS generation
paologod opened this issue · 3 comments
paologod commented
Hi,
I'm trying to use this script on a Windows Server 2016, but I got stuck during the password generation.
This is the line involved:
$NEWPASS = (Invoke-RestMethod -Headers @{"X-Vault-Token" = ${VAULT_TOKEN}} -Method POST -Body "{`"length`":`"36`",`"symbols`":`"0`"}" -Uri ${VAULT_ADDR}/v1/gen/password).data.value
When I run the script, I got the following error:
_Invoke-RestMethod : {"errors":["1 error occurred:\n\t* internal error\n\n"]}
At C:\Scripts\rotate-windows-passwords\rotate_windows_password.ps1:36 char:13
+ $NEWPASS = (Invoke-RestMethod -Headers @{"X-Vault-Token" = ${VAULT_TO ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
ConvertTo-SecureString : Cannot bind argument to parameter 'String' because it is null.
At C:\Scripts\rotate-windows-passwords\rotate_windows_password.ps1:39 char:38
+ $SECUREPASS = ConvertTo-SecureString $NEWPASS -AsPlainText -Force
+ ~~~~~~~~
+ CategoryInfo : InvalidData: (:) [ConvertTo-SecureString], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand_
If I hardcode the password:
$NEWPASS = mycomplexpasswordhere
Everything works perfectly, so this means environment variables and policies are correctly set.
Any idea what could be the issue?
Thanks!
sethvargo commented
The response indicates Vault returned an error. You need to check the Vault server logs to get more information.
paologod commented
Thank you, looking at the logs I found out there's a tls init error. Checking this out.
github-actions commented
This issue is stale because it has been open for 14 days with no
activity. It will automatically close after 7 more days of inactivity.