Why does the same unseal key doesnot work after reboot of the device?

We have vault server launched in our device. We had 1 key created during our development to init/unseal vault. This key is working properly during first boot of vault.
KEY = vault operator init -key-shares=1 -key-threshold=1

During reboot, we see the vault is already initialised but sealed. To unseal the vault, we try the same command, which was used in first boot of vault as shown below:
vault operator unseal -tls-skip-verify “$KEY”

Here we see the $KEY seems to be have same content
Any reason why vault throws error stating keys are invalid?


  • Vault Server Version (retrieve with vault status ):
    vault status
    Key Value

Seal Type shamir
Initialized true
Sealed false
Total Shares 1
Threshold 1
Version 1.2.3
Cluster Name xxx
Cluster ID xxxx
HA Enabled false

  • Vault CLI Version (retrieve with vault version ):Vault v1.2.3
  • Server Operating System/Architecture:Linux

Vault server configuration file(s):

disable_mlock = true
storage “file” {
path = “/xx/xx/xx/vault/”

listener “tcp” {
address = “”
tls_min_version = “tls12”
tls_cert_file = “/xx/xx/xx/xx.crt”
tls_key_file = “/xx/xx/xx/xx.key”
tls_client_ca_file = “/xx/xx/xx/xx.crt”
api_addr = “