ricardoptcosta
Reputation: 11
Hashicorp's Vault CLI does not store authentication token in token helper
After I login to my Vault with TLS authentication
vault login -method=cert \
-ca-cert=/path/to/ca/cert \
-client-cert=/path/to/client/cert \
-client-key=/path/to/client/key
I would expect the returned token to be updated at ~/.vault-token. However it is not. For instance, running $ vault status returns
x509: certificate signed by unknown authority
I can work around this by adding -ca-cert=path/to/ca/cert to every subsequent requests but it is not ideal. Any idea what is causing this?
Upvotes: 0
Views: 580
Answers (1)
ricardoptcosta
Reputation: 11
I had installed Vault CLI with snap package manager. The problem seems to be created by it.
Removing that installation (don't forget to remove ~/snap/vault folder) and then installing it via apt-get fixed the issue.
Upvotes: 1
Related Questions
- How to login HashiCorp Vault using curl command
- getting "missing client token" while accessing get API of hashicorp vault
- Reading secrets from Vault CLI
- "Missing client token" when authenticating with login/pass on Hashicorp Vault
- hashicorps Vault cli "bad certificate" error after successful login
- hashicorp vault - unable to list a secret using the API but can successfully verify using CLI
- Hashicorp Vault tls cert authentication does not read certificate
- Kubernetes to Vault Authentication Failure
- Why does creating token result in "parent token lookup failed"
- Vault Token Helper not being detected?