search

Venafi / vault-pki-monitor-venafi

Venafi PKI Monitoring Secrets Engine for HashiCorp Vault that enforces security policy and provides certificate visiblity to the enterprise.
Mozilla Public License 2.0
19 stars 9 forks source link

TPP 21.1 + PKI Monitor Refresh Token doesn't work. #75

Closed tdrip closed 3 years ago

tdrip commented 3 years ago

PROBLEM SUMMARY At step 10 from the install instructions with 21.1 TPP the JSON response returned is "Bad Request" from TPP If the the refreshtoken is set to "" in the CLI everything works Reproduced on two separate unrelated systems

STEPS TO REPRODUCE Brand new install with the stated versions in the environment and follow the github instructions

EXPECTED RESULTS Should accept the refresh token

ACTUAL RESULTS 400 Bad Request

ENVIRONMENT DETAILS 21.1 TPP, 0.9 PKI Monitor on Darwin and Linux both symptoms present

COMMENTS/WORKAROUNDS I have raised a ticket against Venafi however the token refresh seems to be working ping me directly I'll send the ticket number

tr1ck3r commented 3 years ago

@tdrip can you confirm the pair of tokens you are using was requested for the "hashicorp-vault-monitor-by-venafi" API application? That's currently required to make use of a refresh token.

tdrip commented 3 years ago

@tr1ck3r The mistake was that reading the instructions was the issue - it was requested using "vcert-sdk" rather than the "hashicorp-vault-monitor-by-venafi".

Will there be a plan to support custom API Integration names for the plugin in the future or is it assumed that people should recompile the plugin to register a API integration?

Thanks