I’d like to generate 100k
RSA-3072 certificates with PKI engine, but Vault starts to respond with
HTTP 500 error after ~800th request:
“error occurred: unable to store certificate locally: context canceled”
The source of the error is probably here
It seems that Vault is unable to keep up with high rate of simultaneous certificate generation requests.
So I’d like to know the following:
- is there any way or best practice to avoid this
- is there some Vault setting it’s worth to look at?
Generated certificate, key type: rsa ... // 948 successful certificate generations ... Generate certificate error: The Vault server returned an error (status code 500) ... // 52 similar errors ... generating 1000 keys, errors: 52 thread 'main' panicked at 'assertion failed: `(left == right)` left: `52`, right: `0`', src/main.rs:54:9
Which means there were
52 errors out of 1000 generated certificates (the number of errors is different on each run, can be
4 errors, etc.)
My setup: Docker Vault from here/12 core AMD Ryzen 5 pro 5650u/32GB RAM
Any suggestions will be greatly appreciated