My httpd Proxy details are below
ProxyPass /vault http://127.0.0.1:8200
ProxyPassReverse /vault http://127.0.0.1:8200
ProxyPreserveHost on
Config.hcl:
ui = true
disable_mlock = true
storage "raft" {
  path = "/data1/appsdata/vault-home/vault/data"
  node_id = "node1"
}
listener "tcp" {
  address = "Internal Ip address in AWS:8200"
  tls_disable = "true"
}
api_addr = "http://127.0.0.1:8200"
cluster_addr = "https://127.0.0.1:8201"
Any inputs here please
maxb
I think this is the problem - you are trying to re-map the URL /vault/ on the outside of the proxy to / on the inside of the proxy.
This can only be done if the backend webapp has been specifically written to support it, and I don’t think Vault does.
For this reason I use a dedicated DNS name for Vault, along with
ProxyPass / http://localhost:8200/
I also have this in my config for Vault… I don’t remember why I added it… it might have been to fix part of the KV engine UI…
AllowEncodedSlashes NoDecode
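
The path-remapping problem described in the reply above, as an added example that is not part of the original posts: it resolves root-absolute references the way a browser does and reports which ones fall outside the proxied prefix. The hostnames and the exact sample paths are constructed (`/ui/` and `/v1/` are Vault's UI and HTTP API prefixes), and the prefix matching is a simplified model of `ProxyPass`.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample: root-absolute references of the kind a web UI emits.
# /ui/ and /v1/ are Vault's UI and API prefixes; the exact paths are illustrative.
BACKEND_REFS = ["/ui/", "/ui/assets/vault.js", "/v1/sys/health", "/v1/sys/seal-status"]


def proxied(path, prefix):
    """Simplified model of ProxyPass prefix matching on path-segment boundaries."""
    prefix = prefix.rstrip("/")
    return prefix == "" or path == prefix or path.startswith(prefix + "/")


def escaped_refs(page_url, prefix, refs=BACKEND_REFS):
    """Return the references that, once the browser resolves them against
    page_url, land outside the proxied prefix and never reach the backend."""
    missed = []
    for ref in refs:
        # A reference starting with "/" replaces the whole path of the page URL,
        # so the "/vault" prefix added by the proxy is lost.
        resolved = urlsplit(urljoin(page_url, ref)).path
        if not proxied(resolved, prefix):
            missed.append(resolved)
    return missed


if __name__ == "__main__":
    # Sub-path mapping (ProxyPass /vault ...): every reference escapes the prefix.
    print(escaped_refs("https://www.example.com/vault/ui/", "/vault"))
    # Dedicated DNS name (ProxyPass / ...): nothing escapes.
    print(escaped_refs("https://vault.example.com/ui/", "/"))
```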