Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance CA chain logging and error handling #19

Open
Syoc opened this issue May 30, 2024 · 1 comment
Open

Enhance CA chain logging and error handling #19

Syoc opened this issue May 30, 2024 · 1 comment
Assignees
@m8rmclaren
Labels
bug Something isn't working

Comments

@Syoc
Copy link

Syoc commented May 30, 2024

I'm having issues troubleshooting 404 issues with the cert/ca endpoint.
Vault returns "Failed to fetch CA list from EJBCA" and a 404 request to "https://my-domain.com/ejbca/ejbca-rest-api/v1/ca//certificate/download".
Reading the code makes it look like the caName match here never hits.

More logging with results from the ListCas endpoint would make this issue easier to debug.

I also makes more sense to me to error out if the for loop completes without a caName match instead of requesting a certificate for empty string.

Running vault version 1.16.3 and plugin version 1.4.0.
@Syoc Syoc added the bug Something isn't working label May 30, 2024
@svenska-primekey
Copy link
Collaborator

The caName needs to match the friendly name created in EJBCA. If the CA name is ManagementCA you would use ManagementCA for the EJBCA vault config.

Thank you for the feedback. We will take a look and see what we can do.

@m8rmclaren m8rmclaren self-assigned this May 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@m8rmclaren m8rmclaren

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Syoc @m8rmclaren @svenska-primekey