Getting tls bad certificate issue in Vault K8 Agent Injector

security1 · August 3, 2021, 2:20pm

I am running the vault agent injector with auto tls enabled and configured an external vault server. Everything was working fine, suddenly after 24 hours, I am getting this bad certificate issue.

I have even tried using vault.hashicorp.com/tls-skip-verify annotation but the result is the same.
These are the agent injector logs.

2021-08-03T13:56:14.122Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:36180: remote error: tls: bad certificate
2021-08-03T13:57:10.726Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:4425: remote error: tls: bad certificate
2021-08-03T14:01:01.632Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:10077: remote error: tls: bad certificate
2021-08-03T14:01:26.954Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:50072: remote error: tls: bad certificate
2021-08-03T14:01:54.899Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:17536: remote error: tls: bad certificate
2021-08-03T14:12:29.850Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:12749: remote error: tls: bad certificate
2021-08-03T14:12:52.509Z [ERROR] handler: http: TLS handshake error from 172.17.0.1:1626: remote error: tls: bad certificate

alegal · January 26, 2022, 2:19pm

Hello,

I have the same issue (Vault 1.9.0). Any clue to fix the problem ?

Thanks,
Arnaud

tirelibirefe · July 1, 2022, 9:32pm

Hello folks;
Were you able to fix the problem? I get the same error.

Thx & Rgrds

lucasscheepers · September 22, 2022, 3:44pm

Currently experiencing the same issue.

Did you fix error?