We have Windows Server 2019 running vault agent on AWS.
The agent config file uses a ‘template’ like this
{{ with secret "pki_blah/sign/instance" "common_name=instance.domain" "csr=@instance.domain.csr" }}
{{ .Data | toJSON }}
{{ end }}
When we run the agent manually in powershell, we get this back
[WARN] (view) vault.write(pki path)
URL: PUT https://vault_server:8200/v1/pki_blah/sign/instance
Code: 400. Errors:
csr contains no data
We have tried changing the csr= to not use the @, use full windows path, use full path but with / instead of , and even put “csr=TheFullCsrOnOneLine”, but we get the same error every time.
Can anyone see where we’re going wrong with this please?
Thanks
Nick .