Docker run tls vault error

Below is my Dockerfile.

FROM hashicorp/vault
ENTRYPOINT vault server -config /vault/config/config.hcl

Below is my config.hcl.

ui = true
disable_mlock = true
storage "mysql" {
   address = ""
   username = "vault"
   password = "vault"
   database = "vault"
}
listener "tcp" {
   address = "[::]:8200"
   tls_cert_file = "/certs/webServer.crt"
   tls_key_file = "/certs/webServer.key"
   tls_disable = false
   tls_require_and_verify_client_cert = true
   tls_client_ca_file = "/certs/webClientCA.pem"
}

I have no problem deploying services in k8s. Now I have switched to a physical machine and get an error when I start it through docker run, but all the files are exactly the same as those deployed in k8s.

docker run -it --name vault \
-p 50035:8200 \
-v /home/vault/config.hcl:/vault/config/config.hcl \
-v /home/vault/ \
-v /home/vault/ \
-v /home/vault/webClientCA.pem:/certs/webClientCA.pem \

Below is the error message.

In order to be able to upload, I added the .txt suffix to the file, but the content is not modified.
webClientCA.pem.txt (2.6 KB)

That’s because you specified your certificate file twice in your docker run args, and your key file not at all.

You are right, I made a stupid mistake.
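
The mismatch pointed out in the answer can be caught before the container is started. The script below is an added example, not part of the thread or of Vault: it reads the tls_*_file paths from the listener config and checks each one against the container side of the -v arguments. The function names and the host paths under /srv/example are constructed for illustration, and paths are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example (not from the thread): cross-check the TLS file paths a Vault
# listener config names against the container paths given to `docker run -v`.

# Print every path assigned to a tls_*_file key in the config.
tls_paths() {
  sed -n 's/^[[:space:]]*tls_[a-z_]*_file[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# mount_problems CONFIG HOST:CONTAINER[:OPTS]...
# Prints "MISSING <path>" for a TLS file that no mount supplies and
# "DUPLICATE <path>" for a container path that is mounted more than once.
mount_problems() {
  config=$1; shift
  targets=$(for spec in "$@"; do
    t=${spec#*:}                 # drop the host side
    printf '%s\n' "${t%%:*}"     # drop a trailing option such as :ro
  done)
  for want in $(tls_paths "$config"); do
    printf '%s\n' "$targets" | grep -Fxq -- "$want" || echo "MISSING $want"
  done
  printf '%s\n' "$targets" | sort | uniq -d | sed 's/^/DUPLICATE /'
}

# Constructed sample: the listener block with the TLS paths from the question.
sample_config=$(mktemp)
trap 'rm -f "$sample_config"' EXIT
cat > "$sample_config" <<'EOF'
listener "tcp" {
   address = "[::]:8200"
   tls_cert_file = "/certs/webServer.crt"
   tls_key_file = "/certs/webServer.key"
   tls_disable = false
   tls_require_and_verify_client_cert = true
   tls_client_ca_file = "/certs/webClientCA.pem"
}
EOF

# Constructed mounts reproducing the mistake: certificate twice, key never.
demo_report() {
  mount_problems "$sample_config" \
    /srv/example/webServer.crt:/certs/webServer.crt \
    /srv/example/webServer.crt:/certs/webServer.crt \
    /srv/example/webClientCA.pem:/certs/webClientCA.pem:ro
}
demo_report
```

An empty report means every TLS file named in the config has exactly one mount behind it.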