keybase PGP with /sys/init API

[Manfred Jantscher]

Hi,

I am trying to initialize vault through the API (rather than executing vault init locally) via /v1/sys/init. It looks like this does not accept keybase like described here https://www.vaultproject.io/docs/concepts/pgp-gpg-keybase.html. Is this right or am I doing something wrong? I am getting the following error:

{"errors":["invalid seal configuration: Error parsing given PGP key: openpgp: invalid data: tag byte does not have MSB set"]}

Best Regards 

[Matthew Irish]

Hi Manfred,

Your hunch here: 

> It looks like this does not accept keybase like described here https://www.vaultproject.io/docs/concepts/pgp-gpg-keybase.html. 

is correct. The code to interact with the keybase APIs is contained in the Vault CLI, so if you're wanting to use keybase you'd have to fetch those keys separately and pass them to the api as described here: https://www.vaultproject.io/api/system/init.html#start-initialization 

Hope this helps.

cheers,

Matthew

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/d5077d64-09eb-42bc-a6e6-33629a4a67f7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Manfred Jantscher]

Thanks Matthew! This did answer my question. I have a working solution in place now.

Best Regadrs