You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This config leads to an "invalid secret id" error if I create the ClusterIssuer resource.
I0226 11:18:54.400160 1 setup.go:104] clusterissuer-general: Failed to initialize Vault client: error logging in to Vault server: Error making API request.
URL: POST https://***:8200/v1/auth/approle/login
Code: 400. Errors:
* invalid secret id
If I increase the "secret_id_num_uses": 1 to 2 the ClusterIssuer resource can be created without any error. But if I create a Certificate resource I again hit the invalid secret id error. I run into no errors if I set the secret_id_num_uses to 0 (infinite). This way the secret_id is basically treated as a token.
Why is cert-manager login in to its approle multiple times? In my opinion it should log in once, which returns a vault token. After that further API requests should use the vault token.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi
I set up a ClusterIssuer using Hashicorps Vault. Authentication is done using approle pull auth.
approle config:
This config leads to an "invalid secret id" error if I create the ClusterIssuer resource.
If I increase the
"secret_id_num_uses": 1
to2
the ClusterIssuer resource can be created without any error. But if I create a Certificate resource I again hit theinvalid secret id
error. I run into no errors if I set thesecret_id_num_uses
to0
(infinite). This way the secret_id is basically treated as a token.Why is cert-manager login in to its approle multiple times? In my opinion it should log in once, which returns a vault token. After that further API requests should use the vault token.
Beta Was this translation helpful? Give feedback.
All reactions