Hi! I have installed vault with the helm chart in a k8s cluster in HA mode.
I have 3 nodes.
And when I’m trying to create a snapshot from one of the nodes, I receive this error.
$ vault operator raft snapshot save /tmp/snapshot
Error taking the snapshot: redirect failed: Get "https://10.2.1.2:8200/v1/sys/storage/raft/snapshot": tls: failed to verify certificate: x509: certificate is valid for 127.0.0.1, not 10.2.1.2
I have a custom certificate that has as alt_name 127.0.0.1 and *.vault-internal.
Why the node is trying to connect to the master node through the internal IP (12.2.1.2) instead of the hostname (vault-0.vault-internal)?
This is the output of the Vault status.
$ vault status
Key Value
--- -----
Seal Type shamir
Initialized true
Sealed false
Total Shares 5
Threshold 3
Version 1.14.2
Build Date 2023-08-24T13:19:12Z
Storage Type raft
Cluster Name vault-cluster-5cd0136f
Cluster ID a68aa1cb-64a6-e4a8-e0b8-a7997d4022ba
HA Enabled true
HA Cluster https://vault-0.vault-internal:8201
HA Mode standby
Active Node Address https://10.2.1.2:8200
Raft Committed Index 504
Raft Applied Index 504
You can see that the Active Node Address points to the internal IP instead of the hostname.
How can I configure it to be https://vault-0.vault-internal:8200???