Could not set plugin, plugin directory is not configured

This post was flagged by the community and is temporarily hidden.

Would you please delete the post? Seems to be a duplicate.

but how to fix this issue & also i cant find duplicate question,can u please help

You have withdrawn your duplicate already. Everything is fine.

Can you please post your exact history of the steps 1 to 5? I think there should be your issue.

  1. wget https://github.com/Venafi/vault-pki-backend-venafi/releases/download/v0.7.1/venafi-pki-backend_v0.7.1+943_linux.zip
    2.unzip venafi-pki-backend_v0.7.1+943_linux.zip
    3.mv venafi-pki-backend /private/etc/vault/vault_plugins/

  2. Vault server -dev
    ==> Vault server configuration:

          Api Address: http://127.0.0.1:8200
                  Cgo: disabled
      Cluster Address: https://127.0.0.1:8201
           Go Version: go1.15.2
           Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
            Log Level: info
                Mlock: supported: false, enabled: false
        Recovery Mode: false
              Storage: inmem
              Version: Vault v1.5.4
          Version Sha: 1a730771ec70149293efe91e1d283b10d255c6d1+CHANGES
    
          WARNING! dev mode is enabled! In this mode, Vault runs entirely in-memory
         and starts unsealed with a single unseal key. The root token is already
         authenticated to the CLI, so you can immediately begin using Vault.
    
         You may need to set the following environment variable:
    
          $ export VAULT_ADDR='http://127.0.0.1:8200'
    
          The unseal key and root token are displayed below in case you want to
          seal/unseal the Vault or re-authenticate.
    
       Unseal Key: <>
      Root Token: <>
    
       Development mode should NOT be used in production installations!
    
      ==> Vault server started! Log data will stream in below:
    
           2020-10-03T18:11:34.115+0530 [INFO]  proxy environment: http_proxy= https_proxy=          no_proxy=
          2020-10-03T18:11:34.115+0530 [WARN]  no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set
            2020-10-03T18:11:34.116+0530 [INFO]  core: security barrier not initialized
           2020-10-03T18:11:34.116+0530 [INFO]  core: security barrier initialized: stored=1 shares=1 threshold=1
       2020-10-03T18:11:34.118+0530 [INFO]  core: post-unseal setup starting
         2020-10-03T18:11:34.127+0530 [INFO]  core: loaded wrapping token key
        2020-10-03T18:11:34.127+0530 [INFO]  core: successfully setup plugin catalog: plugin-directory=
        2020-10-03T18:11:34.127+0530 [INFO]  core: no mounts; adding default mount table
       2020-10-03T18:11:34.128+0530 [INFO]  core: successfully mounted backend: type=cubbyhole path=cubbyhole/
       2020-10-03T18:11:34.128+0530 [INFO]  core: successfully mounted backend: type=system path=sys/
      2020-10-03T18:11:34.129+0530 [INFO]  core: successfully mounted backend: type=identity path=identity/
       2020-10-03T18:11:34.132+0530 [INFO]  core: successfully enabled credential backend: type=token path=token/
       2020-10-03T18:11:34.133+0530 [INFO]  core: restoring leases
      2020-10-03T18:11:34.133+0530 [INFO]  rollback: starting rollback manager
      2020-10-03T18:11:34.133+0530 [INFO]  identity: entities restored
     2020-10-03T18:11:34.133+0530 [INFO]  identity: groups restored
      2020-10-03T18:11:34.133+0530 [INFO]  core: post-unseal setup complete
      2020-10-03T18:11:34.133+0530 [INFO]  expiration: lease restore complete
     2020-10-03T18:11:34.134+0530 [INFO]  core: root token generated
      2020-10-03T18:11:34.134+0530 [INFO]  core: pre-seal teardown starting
        2020-10-03T18:11:34.134+0530 [INFO]  rollback: stopping rollback manager
       2020-10-03T18:11:34.134+0530 [INFO]  core: pre-seal teardown complete
       2020-10-03T18:11:34.134+0530 [INFO]  core.cluster-listener.tcp: starting listener: listener_address=127.0.0.1:8201
       2020-10-03T18:11:34.134+0530 [INFO]  core.cluster-listener: serving cluster requests: cluster_listen_address=127.0.0.1:8201
      2020-10-03T18:11:34.134+0530 [INFO]  core: post-unseal setup starting
      2020-10-03T18:11:34.134+0530 [INFO]  core: loaded wrapping token key
      2020-10-03T18:11:34.134+0530 [INFO]  core: successfully setup plugin catalog: plugin-directory=
      2020-10-03T18:11:34.135+0530 [INFO]  core: successfully mounted backend: type=system path=sys/
     2020-10-03T18:11:34.136+0530 [INFO]  core: successfully mounted backend: type=identity path=identity/
      2020-10-03T18:11:34.136+0530 [INFO]  core: successfully mounted backend: type=cubbyhole path=cubbyhole/
      2020-10-03T18:11:34.137+0530 [INFO]  core: successfully enabled credential backend: type=token path=token/
       2020-10-03T18:11:34.137+0530 [INFO]  core: restoring leases
       2020-10-03T18:11:34.137+0530 [INFO]  rollback: starting rollback manager
       2020-10-03T18:11:34.137+0530 [INFO]  identity: entities restored
      2020-10-03T18:11:34.137+0530 [INFO]  identity: groups restored
       2020-10-03T18:11:34.137+0530 [INFO]  core: post-unseal setup complete
     2020-10-03T18:11:34.137+0530 [INFO]  core: vault is unsealed
      2020-10-03T18:11:34.137+0530 [INFO]  expiration: lease restore complete
       2020-10-03T18:11:34.140+0530 [INFO]  core: successful mount: namespace= path=secret/ type=kv
       2020-10-03T18:11:34.150+0530 [INFO]  secrets.kv.kv_9787a317: collecting keys to upgrade
      2020-10-03T18:11:34.150+0530 [INFO]  secrets.kv.kv_9787a317: done collecting keys: num_keys=1
      2020-10-03T18:11:34.150+0530 [INFO]  secrets.kv.kv_9787a317: upgrading keys finished
     2020-10-04T14:33:22.679+0530 [ERROR] secrets.system.system_467d516a: error occurred during enable mount: path=venafi-pki/ error="plugin not found in the catalog: venafi-pki-backend"
        2020-10-04T14:35:42.569+0530 [ERROR] secrets.system.system_467d516a: error occurred during enable mount: path=venafi-pki/ error="plugin not found in the catalog: venafi-pki-backend"
    

5.SHA256=(sha256sum /private/etc/vault/vault_plugins/venafi-pki-backend| cut -d' ' -f1) 6.vault write sys/plugins/catalog/secret/venafi-pki-backend sha_256="{SHA256}" command=“venafi-pki-backend”

I am trying above steps on mac…
7.Below is the o/p for 7th command:
bash-3.2# vault secrets enable -path=venafi-pki -plugin-name=venafi-pki-backend plugin
Error enabling: Error making API request.

URL: POST http://127.0.0.1:8200/v1/sys/mounts/venafi-pki
Code: 400. Errors:

  • plugin not found in the catalog: venafi-pki-backend

btw i dont see any logs for 6th command in " Vault server -dev" console.

Do let me know if any more info is needed.

P.S - Will it work with system catalog outside of sys i.e like below:
vault write /kv/venafi-pki-backend sha_256="${SHA256}" command=“venafi-pki-backend”

with above 7th command is too failing(I am just trying these out to move fwd :frowning: )

Thanks,
Akshay

I tried the steps in https://www.vaultproject.io/docs/secrets/venafi (except step3) on linux OS with below package:

vault_1.5.4_linux_amd64.zip
venafi-pki-backend_v0.7.1+943_linux.zip

Getting same error:

vault write sys/plugins/catalog/secret/venafi-pki-backend sha_256="${SHA256}" command=“venafi-pki-backend”
Error writing data to sys/plugins/catalog/secret/venafi-pki-backend: Error making API request.

URL: PUT http://127.0.0.1:8200/v1/sys/plugins/catalog/secret/venafi-pki-backend
Code: 500. Errors:

  • 1 error occurred:
    • could not set plugin, plugin directory is not configured

vault server -dev
==> Vault server configuration:

         Api Address: http://127.0.0.1:8200
                 Cgo: disabled
     Cluster Address: https://127.0.0.1:8201
          Go Version: go1.14.7
          Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
           Log Level: info
               Mlock: supported: true, enabled: false
       Recovery Mode: false
             Storage: inmem
             Version: Vault v1.5.4
         Version Sha: 1a730771ec70149293efe91e1d283b10d255c6d1

P.S- step3 is not working & i believe its okay to ignore:
plugin_directory = “/etc/vault/vault_plugins”
bash: plugin_directory: command not found…

Start the server using vault server -dev -dev-plugin-dir=/private/etc/vault/vault_plugins

1 Like

wow,it worked like a charm…thanks for all help…

vault write venafi-pki/roles/tpp \
    tpp_url="https://tpp.venafi.example/vedsdk" \
    tpp_user="local:admin" tpp_password="password" \
    zone="DevOps\\HashiCorp Vault" \
    trust_bundle_file="/opt/venafi/bundle.pem" \
    generate_lease=true store_by_serial=true store_pkey=true \
    allowed_domains=example.com \
    allow_subdomains=true

above command is throwing below error:

Error writing data to venafi-pki/roles/tpp: Error making API request.

URL: PUT http://127.0.0.1:8200/v1/venafi-pki/roles/tpp
Code: 404. Errors:

  • no handler for route ‘venafi-pki/roles/tpp’

Do i need to pass some flag in " vault server -dev also,or can u provide me a sample config file which can handle other similar issues

Same issue happening with shell script mentioned in https://github.com/hashicorp/vault-guides/blob/master/secrets/vault-venafi-pki-backend-integration/5_configure_plugin.sh as well
Sorry to trouble you again