I deployed Redis with TLS and now I cannot connect to it anymore.
If trying to recreate the connection:
vault write database/config/redis plugin_name=redis-database-plugin host=redis.redis-ns.svc port=6379 username=default password=pass allowed_roles=redis tls=true ca_cert=$REDIS_CACERT
it will say:
* error creating database object: error verifying connection: failed to parse root certificate
What should I do in order to be able to make this to work?
Any ideas on this one please?
I founded the issue. It seems if I’ll send the certificate just as a string [like echoing it] it will not work
What I did is something like
CERT=$(sed '1d;$d' /etc/ssl/redis-ca-certificate.crt | tr -d '\n' | sed 's/^/-----BEGIN CERTIFICATE-----\\n/' | sed 's/$/\\n-----END CERTIFICATE-----/')
echo -e "$CERT" > redis_cert
...
ca_cert=$(cat redis_cert)
You are lacking quotes around your variable expansion, so the shell expands it into multiple parameters, incorrectly.