-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vault-generated private keys throw FailedToConstructPrivateKey errors #91
Comments
My hunch is that the keys are RSA keys and they either are missing the Chinese Remainder Theorem (CRT) parameters or they have the CRT parameters but parameter |
@briansmith I believe you're correct; these are RSA keys, and looking at Vault's It does seem like the |
Hello-
I've deployed linkerd as well as a couple sample applications with linkerd-tcp containers. We've successfully applied cfssl and openssl certificates and keys, but are having trouble with keys generated with Vault. Our pk8-encoded key will throw the error "WrongNumberOfKeysInPrivateKeyFile" and our regular .key file will throw "FailedToConstructPrivateKey" errors. There does not appear to be any errors with the certificates on the client side. We have similar vault-generated certs that work with our main linkerd service mesh.
client configuration:
server configuration:
Is there any reason that this may be happening to Vault keys and not other private keys?
The text was updated successfully, but these errors were encountered: