You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
InfluxDB does not support client certificates but the influxdb-database-plugin can be configured to use client certificates. This is confusing to Vault users and can lead to unexpected behavior (see #6405).
Hey @mgaffney is still still relevant in light of the deprectation notces that exist on all mount docs - eg:
Note: This engine can use external X.509 certificates as part of TLS or signature validation. Verifying signatures against X.509 certificates that use SHA-1 is deprecated and will no longer be usable without a workaround starting in Vault 1.12. See the deprecation FAQ for more information.
Yes, I think this issue is still relevant because InfluxDB has still not added support for client certificates and the influxdb-database-plugin can still be configured to use a client certificate. I haven't run any tests to see if it still results in an error but I don't see anything in the code that would prevent it.
Also, in the description of the issue above, I said:
It is unknown if InfluxDB will add support for client certificates.
This is still true, however, it doesn't look like InfluxDB will add support for client certificates anytime soon since influxdata/influxdb#9421 and influxdata/influxdb#9698 were both closed with nothing to replace them.
InfluxDB does not support client certificates but the
influxdb-database-plugin
can be configured to use client certificates. This is confusing to Vault users and can lead to unexpected behavior (see #6405).It is unknown if InfluxDB will add support for client certificates. (See influxdata/influxdb#9421 and influxdata/influxdb#9698 for more information).
The
influxdb-database-plugin
should be updated to remove support for client certificates to avoid confusion.The text was updated successfully, but these errors were encountered: