Hello All,
I am new to Vault and I installed it with certificates and it works.
I cannot reach it using HAProxy with TCP passthru.
Can anyone help me, please?
Ignazio
Hello, I am continuing to have issues configuring Vault behind HAProxy.
If I connect to each Vault server UI on port 8200 it works fine with the certificate.
If I try to connect using TCP passthru in HAProxy it gives SSL handshake errors.
I also tried to install Apache on the servers where Vault is installed, with the same certificates, and it works using HAProxy passthru.
So I think some specific configuration is required for vault.
Thanks
Ignazio
Hi, this is my working config:
global

defaults
    mode tcp
    timeout connect 5000
    timeout client 10000
    timeout server 10000

frontend vault
    mode tcp
    log global
    bind *:443 ssl crt /etc/haproxy/ssl.cer
    option tcplog
    default_backend vault

backend vault
    mode tcp
    option httpchk GET /v1/sys/health HTTP/1.1
    http-check expect status 200
    http-send-name-header Host
    server node1 vault-1.my.domain:8200 ssl check check-ssl verify none
    server node2 vault-2.my.domain:8200 ssl check check-ssl verify none
    server node3 vault-3.my.domain:8200 ssl check check-ssl verify none
With a new cert for https://vault.my.domain (/etc/haproxy/ssl.cer). It is not perfect, but it works and forwards to the active node.
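
Added example, not part of the thread and not any poster's configuration: the config above terminates TLS on HAProxy (`bind ... ssl crt`) and re-encrypts to Vault without verifying the backend (`verify none`), whereas the variant below is plain TCP passthrough with a verified TLS health check. The CA bundle path `/etc/haproxy/vault-ca.pem` and the syslog target are assumptions.

```haproxy
# Added example: TCP passthrough variant of the configuration above.
# Assumed, not from the thread: /etc/haproxy/vault-ca.pem holds the CA that
# signed the Vault node certificates; /dev/log is the local syslog socket.
global
    log /dev/log local0

defaults
    mode tcp
    log global
    option tcplog
    timeout connect 5000
    timeout client 10000
    timeout server 10000

frontend vault
    # No "ssl crt" on the bind line: HAProxy relays the TLS bytes untouched,
    # so the client completes its handshake with the Vault node itself.
    bind *:443
    default_backend vault

backend vault
    # The health check is a separate TLS connection opened by HAProxy.
    # /v1/sys/health returns 200 only on the initialized, unsealed, active
    # node; standbys return 429 by default and are therefore marked down,
    # which is what sends all client traffic to the active node.
    option httpchk GET /v1/sys/health
    http-check expect status 200

    # check-ssl encrypts the health check only; client traffic has no "ssl"
    # keyword and stays passthrough. "verify required" with ca-file makes
    # HAProxy reject a node whose certificate does not chain to the CA,
    # in place of "verify none".
    server node1 vault-1.my.domain:8200 check check-ssl verify required ca-file /etc/haproxy/vault-ca.pem
    server node2 vault-2.my.domain:8200 check check-ssl verify required ca-file /etc/haproxy/vault-ca.pem
    server node3 vault-3.my.domain:8200 check check-ssl verify required ca-file /etc/haproxy/vault-ca.pem
```

In passthrough mode the certificate the client validates is the one served by the Vault node, so that certificate has to be valid for the name clients connect to through HAProxy, not only for the node's own hostname.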