I am trying to deploy Vault using Vault Helm Chart. I have enabled TLS and provided the required configurations. But I have two issues:
The CN name in certificate has to be FQDN name, for example: " service.namespace.svc.cluster.local" for the vault to come up, but in this case when I am expsoing the Vault UI as NodePort Service, then certificate will not be valid for the Host in browser. How to handle this ?
Secondly, when I try to keep the Vault UI as Cluster IP only and create ingress to access it, it does not work if TLS is enabled. I created TLS secrets for ingress also with Ingress hostname as CN but always getting the error as Page is not found.
Please guide the deployment process in this case.