You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was a bit suprised that the API check uses the ip address of a vault host instead of the FQDN. Is there specific reasoning behind this?
As it uses the ip address by default for checking the API perhaps this should be mentioned in the README.md so that people generate the certs with an alt name or change the vault_api_addr variable. For now I changed the vault_api_addr variable to:
vault_api_addr: "{{ vault_protocol }}://{{ ansible_fqdn }}:{{ vault_port }}"
It then starts using the fqdn. For those who use self-signed certs make sure the CA is trusted on the node or the API check will fail!
The text was updated successfully, but these errors were encountered:
I was a bit suprised that the API check uses the ip address of a vault host instead of the FQDN. Is there specific reasoning behind this?
As it uses the ip address by default for checking the API perhaps this should be mentioned in the README.md so that people generate the certs with an alt name or change the vault_api_addr variable. For now I changed the vault_api_addr variable to:
vault_api_addr: "{{ vault_protocol }}://{{ ansible_fqdn }}:{{ vault_port }}"It then starts using the fqdn. For those who use self-signed certs make sure the CA is trusted on the node or the API check will fail!
The text was updated successfully, but these errors were encountered: