mangusbrother - 1 year ago
Java Question

Hashicorp Vault - Unrecognized SSL message, plaintext connection?

I am trying to set up a Java application to connect to HashiCorp's Vault and authenticate using the TLS backend (using an SSL certificate).

I am using Apache HttpComponents 4.4 as follows:

final CloseableHttpClient httpclient = HttpClients.custom().setSSLContext(mySslContext).build();
final CloseableHttpResponse response = httpclient.execute(myRequest);

where myRequest is a POST call on the URL:

and mySslContext is built using the keystore file.

I have set up Vault as follows:

vault server -dev
vault auth-enable cert
vault write auth/cert/certs/default display_name=default policies=default certificate=@C:/dev/keys/vault/vaultPriKey.pem ttl=3600

Yet when I try to execute the request I get:

Unrecognized SSL message, plaintext connection?

Am I missing some form of configuration?

Answer Source

I needed to set up Vault without the dev environment.

This sample configuration was used (note that by not using -dev you need to initialise and unseal it):

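backend "inmem" {
  address = ""
  path = "vault"
}

# Listener with TLS disabled (plain HTTP)
listener "tcp" {
  address = ""
  tls_disable = 1
}

# Listener with TLS enabled, using the server certificate and key
listener "tcp" {
  address = ""
  tls_disable = 0
  tls_cert_file = "C:/my/server.pem"
  tls_key_file = "C:/my/serverkey.pkcs8"
}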

And like so you can connect using SSL over 8200 and without SSL on 9000.
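
The mismatch behind this error, as an added example that is not part of the original question or answer: a Java probe that sends a TLS ClientHello and reports whether the listener replied with TLS or with plaintext, which is what a listener with TLS disabled (such as the default `vault server -dev` listener) does. The class name `ListenerProbe`, the `probe` helper and the loopback stand-in server are assumptions constructed for illustration.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

// Added example (hypothetical class name): classify a listener as TLS or plaintext.
public class ListenerProbe {

    // Sends a TLS ClientHello to host:port and reports what came back.
    static String probe(String host, int port) {
        try (SSLSocket s = (SSLSocket) SSLSocketFactory.getDefault().createSocket(host, port)) {
            s.setSoTimeout(3000);
            s.startHandshake();
            return "tls";
        } catch (SSLHandshakeException e) {
            // Typically a TLS peer rejecting the handshake or failing certificate validation.
            return "tls (handshake rejected: " + e.getMessage() + ")";
        } catch (SSLException e) {
            // Java 8: "Unrecognized SSL message, plaintext connection?"
            // Java 11+: "Unsupported or unrecognized SSL message"
            String m = String.valueOf(e.getMessage()).toLowerCase();
            return m.contains("unrecognized ssl message") ? "plaintext" : "tls-error: " + m;
        } catch (IOException e) {
            return "unreachable: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a listener with TLS disabled: answers any bytes with HTTP.
        try (ServerSocket plain = new ServerSocket(0, 1, InetAddress.getLoopbackAddress())) {
            Thread server = new Thread(() -> {
                try (Socket c = plain.accept()) {
                    c.getInputStream().read(new byte[4096]); // swallow the ClientHello
                    c.getOutputStream().write(
                        "HTTP/1.1 400 Bad Request\r\n\r\n".getBytes(StandardCharsets.US_ASCII));
                } catch (IOException ignored) {
                    // only the probe result matters here
                }
            });
            server.start();
            System.out.println(probe("127.0.0.1", plain.getLocalPort()));
            server.join();
        }
    }
}
```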
