Error: http: server gave HTTP response to HTTPS client

[rohit duggal]

My vault server configuration is:

C:\>vault server -config=example.hcl

==> WARNING: mlock not supported on this system!

  An `mlockall(2)`-like syscall to prevent memory from being

  swapped to disk is not supported on this system. Running

  Vault on an mlockall(2) enabled system is much more secure.

==> Vault server configuration:

                     Cgo: disabled

         Cluster Address: https://127.0.0.1:8201

              Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0

.1:8201", tls: "disabled")

               Log Level: info

                   Mlock: supported: false, enabled: false

        Redirect Address: http://127.0.0.1:8200

                 Storage: consul (HA available)

                 Version: Vault v0.7.2

             Version Sha: d28dd5a018294562dbc9a18c95554d52b5d12390

==> Vault server started! Log data will stream in below:

2017/05/15 14:32:03.046800 [WARN ] physical/consul: appending trailing forward s

lash to path

This is how my backend/listener config file looks like:

{

"backend":{

      "consul":{

         "address":"127.0.0.1:8500",

         "path":"vault",

         "scheme":"http",

         "tls_skip_verify" : 1

      }

   },

   "listener":{

      "tcp":{

         "address":"127.0.0.1:8200",

         "tls_disable":1

                }

        }

}

Now when I try to execute vault init command to initialize vault, I am getting following error:

C:\>vault init

Error initializing Vault: Put https://127.0.0.1:8200/v1/sys/init: http: server g

ave HTTP response to HTTPS client

Any ideas or suggests? because i am going out of ideas here. 

Thanks!

Rohit

[Chris Hoffman]

It looks like you have TLS disabled but you are trying to connect to vault over https.  Set the environment variable VAULT_ADDR to http://127.0.0.1:8200 and you should be good to go.

Chris

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/58023014-fc82-4063-af9e-4157e907f11b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[rohit duggal]

Thanks Chris, this was really helpful. It solved my issue.

Now I am seeing another issue while using curl as http client with vault api.

When I try to unseal my vault using following command, it gives an error:

curl -X PUT -d '{"key":"JaKoj....."}' http://127.0.0.1:8200/v1/sys/unseal

{"errors":["failed to parse JSON input: invalid character '\\'' looking for beginning of value"]}

Sorry I am new to this stuff, making mistake somewhere in json input.

Rohit

[Vishal Nayak]

Hi Rohit,

I am not sure which version of Vault you are using but the CLI output
in the recent versions of Vault displays a base64 encoded unseal key
which is save to use with curl. The character '\\' will not be present
in the key if you use base64 encoded value.

Regards,
Vishal

On Wed, May 17, 2017 at 2:21 AM, rohit duggal

> https://groups.google.com/d/msgid/vault-tool/1819fd21-20fb-47a5-b69d-085dcaa54f5c%40googlegroups.com.

>
> For more options, visit https://groups.google.com/d/optout.

--
vn

[rohit duggal]

Thanks Vishal...butI am using base64 key and '\\' these characters are not there in it. Still it is giving this error.

-Rohit