You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
There is currently no documentation on how to configure a Postgres DB backend to use TLS and specifically also client certificates. Presumably we would specify the file locations in the DSN, but there is no guidance on this nor specific parameters for accepting CA, cert, or key values when configuring a remote Vault server.
Is it not mentioned in the existing documentation, so I assume secure connections are not supported or require pre-staging the client certificates on the Vault server in a place where the pq library may access them. This makes it impossible to dynamically configure a secure Postgres DB connection.
Describe the bug
There is currently no documentation on how to configure a Postgres DB backend to use TLS and specifically also client certificates. Presumably we would specify the file locations in the DSN, but there is no guidance on this nor specific parameters for accepting CA, cert, or key values when configuring a remote Vault server.
Is it not mentioned in the existing documentation, so I assume secure connections are not supported or require pre-staging the client certificates on the Vault server in a place where the
pq
library may access them. This makes it impossible to dynamically configure a secure Postgres DB connection.Current documentation: https://www.vaultproject.io/api/secret/databases/postgresql
To Reproduce
Steps to reproduce the behavior:
verify-full
modeExpected behavior
Documentation and engine should provide a way to store the client cert and key assigned to Vault.
Environment:
vault status
):vault version
): 1.9.3Additional context
pq
docs: https://pkg.go.dev/github.com/lib/pqThe text was updated successfully, but these errors were encountered: