Vault cert login failed over nginx

Hi Team,

We have setup vault on nginx reverse proxy. while trying to login using the cert method I am facing the below error. Could you please help me on this.

sampath@IN01N02529:~/cert$ vault login -method=cert -client-cert=new.crt -client-key=new.key name=local
Error authenticating: Error making API request.

URL: PUT https://vault-test.internal.ladbrokescoral.com/v1/auth/cert/login
Code: 400. Errors:

  • client certificate must be supplied

Does it work via the API?
Does it work without the proxy in place?

I can’t recall if the CLI takes files with @ in front, ie
$ vault login -method=cert -client-cert=@new.crt -client-key=@new.key name=local

Hi Mike,

It was working fine as long as we are using it directly as soon as we moved it into reverse proxy it was failing.

Also when I see the service logs the TLS is enabled but only when I am trying to login with cert authentication it is failing.

Any suggestions on this mate…

Are you terminating TLS at Nginx, or passthru SSL/TLS into the Vault nodes?