I have a set of three servers that host HCV. I noticed that if I communicate with a sealed node, the request is not forwarded to the active node. To make life easier and have one host to connect to, I put an Apache HTTPD rev proxy in front of HCV.
I tried to create a health check like this:
ProxyHCTemplate vault hcinterval=30 hcmethod=HEAD11 hcpasses=1 hcfails=1 hcuri=/v1/sys/health
<Proxy balancer://vault>
BalancerMember https://host1:8200 hctemplate=vault
BalancerMember https://host2:8200 hctemplate=vault
BalancerMember https://host3:8200 hctemplate=vault
<Location /ui>
ProxyPass balancer://vault/ui
ProxyPassReverse balancer://vault/ui
<Location /vault>
ProxyPass balancer://vault/vault
ProxyPassReverse balancer://vault/vault
<Location /v1>
ProxyPass balancer://vault/v1
ProxyPassReverse balancer://vault/v1
I get an error that a client certificate can not be found:
downstream server wanted client certificate but none are configured
When I try to request the url with curl, I just get a correct reply with a status code that confirms the state the node is in as per the docs.
What am I missing?