mooneye14
commented
3 years ago Is the snapshot_agent running on the same server as Vault services? You can make a listener in Vault config HCL to allow localhost connections with no TLS then set "addr::http://127.0.0.1:8200"
listener "tcp" { address = "127.0.0.1:8200" tls_disable = 1 }
was able to get server configured and starting but it's refusing connection at my addr value.
since i'm taking this value straight from vault config (and can connect with it via clients), i'm guessing that it's because i'm using a private cert that tls doesn't like.
in the vault client or curl, you can disable tls certificate verification (-tls-skip-verify in vault cli).
I don't see an option in the config file to do something similiar. Is there an undocumented way to acheive same? Or can I somehow modify this in go with an environment variable?
appreciate any guidance and thanks for all your hard work.