I am totally new to HashiCorp Vault. It's my first time using it and, luckily, I have run into a problem.
I have installed HashiCorp Vault on my Ubuntu 20 LTS server on AWS and it's working fine with the IP address when used in the browser.
I have followed this documentation for the HashiCorp Vault installation:
This is the content of my /etc/vault.d/vault.hcl file:
```hcl
listener "tcp" {
  address     = "0.0.0.0:8200"
  tls_disable = 1
}

telemetry {
  statsite_address = "127.0.0.1:8125"
  disable_hostname = true
}

storage "file" {
  path = "/vault-data"
}

ui = true
```
But now my use case is that I want to access this with a domain name, [hashivault.onecloudhelper.com](https://hashivault.onecloudhelper.com/), with a TLS certificate enabled.
I have downloaded the required keys from Certbot and have tried to make changes in the configurations.
The following are the configuration changes that I have tried in the /etc/vault.d/vault.hcl file:

```hcl
# HTTPS listener
listener "tcp" {
  address       = "hashivault.onecloudhelper.com:8200"
  tls_cert_file = "/etc/letsencrypt/live/hashivault.onecloudhelper.com/fullchain.pem"
  tls_key_file  = "/etc/letsencrypt/live/hashivault.onecloudhelper.com/privkey.pem"
}

listener "tcp" {
  address     = "0.0.0.0:8200"
  tls_disable = 0
}

telemetry {
  statsite_address = "127.0.0.1:8125"
  disable_hostname = false
}

storage "file" {
  path = "/vault-data"
}

ui = true
```
I have gone through multiple documents but have not been able to do this. Please help me with how I can achieve this.
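
An added example, not part of the original post: the attempted configuration reduced to a single TLS listener. It assumes the account Vault runs as can read the Certbot files (the `/etc/letsencrypt/live` tree is root-only by default) and that clients connect on port 8200; the `api_addr` value is an assumption built from the domain in the post.

```hcl
# Added example: one TLS listener replacing both listener blocks in the attempt.
# "address" is the local bind address, not the name clients connect to, so it
# stays 0.0.0.0:8200. The domain name appears only in the certificate paths
# and in api_addr. Two listener blocks cannot both bind port 8200.
listener "tcp" {
  address       = "0.0.0.0:8200"
  tls_cert_file = "/etc/letsencrypt/live/hashivault.onecloudhelper.com/fullchain.pem"
  tls_key_file  = "/etc/letsencrypt/live/hashivault.onecloudhelper.com/privkey.pem"
  # tls_disable is omitted: it defaults to false, so this listener serves TLS.
}

# Assumption: the address clients use, matching the name on the certificate.
api_addr = "https://hashivault.onecloudhelper.com:8200"

# Unchanged from the post.
telemetry {
  statsite_address = "127.0.0.1:8125"
  disable_hostname = false
}

storage "file" {
  path = "/vault-data"
}

ui = true
```

Vault reads the certificate and key at startup and again on SIGHUP, so a Certbot renewal takes effect only after the service is reloaded.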