You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected behavior
Vault should either refuse to start, or should at least log a warning about an invalid setting.
Actual behavior
Vault runs as if the bad setting were not present, and I see no mention in the stdout/stderr output captured by systemd (journalctl -eu vault)
You can confirm the difference between the two cases by using telnet ::1 18200
When the correct proxy_protocol_authorized_addrs is used: the connection is accepted, and waits for more data
When the erroneous proxy_protocol_authorized_address is used: the connection is accepted but immediately dropped, since there is no matched authorized address.
Environment:
Vault Server Version (retrieve with vault status): 1.9.3
Vault CLI Version (retrieve with vault version): n/a
Server Operating System/Architecture: Ubuntu 20.04.3 x86_64
Vault server configuration file(s): see above
Additional context
n/a
The text was updated successfully, but these errors were encountered:
@candlerb Thanks for filing this issue. So, vault only looks for the exact match of what it expects in the config, and ignores the entires that are not listed as valid config options. In cases you would like to check whether your configuration is correct or not, we suggest to use [vault operator diagnose](https://www.vaultproject.io/docs/commands/operator/diagnose) -config <config file> command and pass in your configuration file. It will report the issues in the configuration file and many more insights. I will close this issue for now. Please feel free to open a new one for further discussions.
Describe the bug
Vault is silently ignoring bad configuration settings (inside tcp listener stanzas at least)
To Reproduce
Add this configuration to vault:
Note that there is an error in there. The correct setting is proxy_protocol_authorized_addrs
Expected behavior
Vault should either refuse to start, or should at least log a warning about an invalid setting.
Actual behavior
Vault runs as if the bad setting were not present, and I see no mention in the stdout/stderr output captured by systemd (
journalctl -eu vault
)You can confirm the difference between the two cases by using
telnet ::1 18200
proxy_protocol_authorized_addrs
is used: the connection is accepted, and waits for more dataproxy_protocol_authorized_address
is used: the connection is accepted but immediately dropped, since there is no matched authorized address.Environment:
vault status
): 1.9.3vault version
): n/aVault server configuration file(s): see above
Additional context
n/a
The text was updated successfully, but these errors were encountered: