Mock secert plugin

revit13 · February 24, 2021, 11:30am

When executing the commands in the readme :vault-guides/plugins/vault-plugin-secrets-mock at master · hashicorp/vault-guides · GitHub I get the following error trying to write :

vault write mock-secrets/test hello="world"


secrets-mock: plugin tls init: error="error during token unwrap request: Error making API request.

URL: PUT http://127.0.0.1:8200/v1/sys/wrapping/unwrap
Code: 403. Errors:

* permission denied" timestamp=2021-02-24T13:27:06.232+0200
2021-02-24T13:27:06.233+0200 [ERROR] core: failed to run existence check: error="Unrecognized remote plugin message:

This usually means that the plugin is either invalid or simply
needs to be recompiled to support the latest protocol."

I used:

VAULT_API_ADDR=http://127.0.0.1:8200
VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200

ixe013 · February 24, 2021, 10:40pm

VAULT_API_ADDR is used to advertise to clients. Since the plugin always run on the same “machine” as Vault itself, it uses the VAULT_ADDR variable which is https://localhost:8200 by default (notice the S).

export VAULT_ADDR=http://localhost:8200

should fix it.

+Shameless plug : I found Hashicorp’s example a little short. Have a look at this Enigma machine plug in I wrote. It is self contained, modular, it can be tested, the plugin can be ugraded…

Topic		Replies	Views
TLS error in plugin registration Vault k8s , vault	12	1188	November 1, 2022
Help with deploying secret plugin Vault k8s , vault	0	719	January 25, 2021
Vault Plugin TLS issue Vault	0	554	February 17, 2022
Plugin tls init: Put \"https://example:8200/v1/sys/wrapping/unwrap\": x509: certificate signed by unknown authority" Vault	6	518	April 29, 2022
Custom Plugin - Vault TLS [HELM, KUBERNETES] Vault k8s , helm	4	702	November 18, 2021

Mock secert plugin

Related topics