Hi,
In our project some how we missed the base64 token key which is used in unsealing.command used for unsealing is :
$ curl –X POST --data ‘{“key”: “”}
http://1270.0.0.1:8200/v1/sys/unseal
Please let us know how to recover using root token we have in hand.
Also any other way there to unseal the process.
Hi there,
Unfortunately, without the unseal key, Vault can never be unsealed. Your data can’t be read by malicious third parties – but can’t be read by you either.
If you can’t find the key and need to set Vault up again, you may want to consider an X of Y set of keys, where you have multiple key holders and they are each storing their key in a different place. That way if someone loses their share, so long as you still have enough to meet the threshold, you can still unseal Vault, and still run a rekey operation to generate a new set.
thanks for the detail. It is helpful
Is this possible generate rekey when vault in sealed state ?
i have lost my vault unseal keys… but still require to unseal and get vault data’s back?
The rekey process will still require that you put unseal keys.