I'm new to both Vault and Docker. I was working with Vault with Transport Layer Security disabled; now I want to activate it to be able to query Vault over HTTPS. I generated self-signed certificates using OpenSSL with this command:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
You can find the explanation here on Stack.
As explained in the HashiCorp Vault Discussion, volumes must be mounted from local into the container.
First, I created a Docker volume and manually copied the certificates into that volume:
docker volume create vault-volume
I found in the documentation that adding --mount source=vault-volume,target=path_inside_the_container is likely to help, so here is my command:
sudo docker run --rm --name hashicorp_vault --mount source=vault-volume,target=/vault/certs \
  --cap-add=IPC_LOCK -e VAULT_ADDR=http://0.0.0.0:8200 \
  -e 'VAULT_LOCAL_CONFIG=$config_placeholder' \
  vault
Configuration placeholder:
{
  "backend": {
    "file": {
      "path": "/vault/file"
    }
  },
  "listener": [{
    "tcp": {
      "address": "0.0.0.0:8201",
      "tls_disable": "0",
      "tls_cert_file": "/vault/certs/cert.pem",
      "tls_key_file": "/vault/certs/key.pem"
    }
  }],
  "api_addr": "http://0.0.0.0:8200",
  "cluster_addr": "https://0.0.0.0:8201",
  "ui": "true"
}
Now I get this error:
Error initializing listener of type tcp: error loading TLS cert: open /vault/certs/cert.pem: no such file or directory
The container doesn't know about the directory, but as I understood it, I have mounted it so that it will create it for me.
I'm missing something here. I'd appreciate any helpful explanation and a solution.
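
A preflight check for the setup described in the question, added here as an example and not part of the original post: it reads the listener's `tls_cert_file` and `tls_key_file` paths, maps them through the `--mount` target, and reports which files are absent from the directory backing the volume. `preflight`, `parse_mount`, `tls_files`, `SAMPLE_CONFIG` and `backing_dir` are hypothetical names, and the backing directory is assumed to be the volume's host mountpoint (the `Mountpoint` field of `docker volume inspect`).

```python
import json
import os
import tempfile
from pathlib import PurePosixPath

# Constructed sample mirroring the listener block in the question.
SAMPLE_CONFIG = """
{"listener": [{"tcp": {"address": "0.0.0.0:8201", "tls_disable": "0",
  "tls_cert_file": "/vault/certs/cert.pem",
  "tls_key_file": "/vault/certs/key.pem"}}]}
"""

def parse_mount(spec):
    """Return (source, target) from a docker --mount spec string."""
    fields = dict(p.split("=", 1) for p in spec.split(",") if "=" in p)
    source = fields.get("source") or fields.get("src")
    target = fields.get("target") or fields.get("destination") or fields.get("dst")
    return source, PurePosixPath(target)

def tls_files(config):
    """Yield (option, container_path) for each TLS-enabled tcp listener."""
    for listener in config.get("listener", []):
        tcp = listener.get("tcp", {})
        if str(tcp.get("tls_disable", "0")).lower() in ("1", "true"):
            continue  # TLS is off for this listener, no files are needed
        for option in ("tls_cert_file", "tls_key_file"):
            if option in tcp:
                yield option, PurePosixPath(tcp[option])

def preflight(config_json, mount_spec, backing_dir):
    """List TLS files the container will not find (backing_dir: assumed host path)."""
    _, target = parse_mount(mount_spec)
    problems = []
    for option, cpath in tls_files(json.loads(config_json)):
        try:
            rel = cpath.relative_to(target)  # path as seen inside the mount
        except ValueError:
            problems.append(f"{option}: {cpath} is not under mount target {target}")
            continue
        if not os.path.isfile(os.path.join(backing_dir, *rel.parts)):
            problems.append(f"{option}: {cpath} is missing from the volume")
    return problems

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed stand-in for the volume
        open(os.path.join(d, "key.pem"), "w").close()  # cert.pem deliberately absent
        print(preflight(SAMPLE_CONFIG, "source=vault-volume,target=/vault/certs", d))
```
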