Error when plugin is active
jvanbruegge opened this issue · 4 comments
Hi,
when I have the plugin active (with TLS enabled and a custom CA), I constantly get this error:
2019-02-05T17:47:31.342Z [INFO] expiration: revoked lease: lease_id=sys/wrapping/wrap/hf15f70dba699a59b4ef1802794f39ef7ead56e1661b6802d72d22808d05a926b
2019-02-05T17:47:31.476Z [ERROR] secrets.secrets-gen.secrets-gen_0d8f6fba.secrets-gen.vault-secrets-gen: plugin tls init: error="error during token unwrap request: secret is nil" timestamp=2019-02-05T17:47:31.476Z
2019-02-05T17:47:31.479Z [INFO] http: TLS handshake error from 172.17.0.4:60378: remote error: tls: bad certificate
2019-02-05T17:47:31.482Z [ERROR] rollback: error rolling back: path=gen/ error="plugin exited before we could connect"
and I also cannot generate passwords.
Do I have to add my CA cert to the containers system trust?
Hi @jvanbruegge
Can you share the steps you took to install the plugin?
@jefferai do plugins need to be recompiled to work with Vault 1.0+?
@sethvargo I am using a custom dockerfile and a bash script to enable the plugin.
I also recall seeing a grpc error on vault startup, but I am on mobile and can't give you the exact error now
This seems related to hashicorp/go-plugin#94, but you should be getting a timeout error, not a TLS error. Let's wait for that to be fixed and then see if it's still happening?
Just verified fixed