I am trying init vault using TLS but i´m having troubles producing tls files with openssl , i constantly have these errors when i am trying init Vault.
Error initializing: Put https://127.0.0.1:8200/v1/sys/init: x509: cannot validate certificate for 127.0.0.1 because it doesn’t contain any IP SANs
or other errors…
anyone can help me with the openssl commands and configuration to do this ?
Hashicorp docs are poor when it comes to production-grade details or best practices, you need to figure things out yourself…
I did not find any example of certificate requests with commands you should run… (there is example for k8s, where k8s is CA so no openssl extensions issue)
Don’t get me wrong, but if you need openssl you should learn how to use it. Or you can use Vault’s internal CA. For this I see HashiCorp’s responsibility to keep the documentation up to date. Not for openssl.