Kong ACME Dbless Storage option

Hello! I have successfully set up a reverse proxy with kong acting as TLS Terminator, in DBLess mode. However, I have some questions regarding the config.storage_config options. How should this info be passed in the .yml configuration file? As a JSON or in the YAML format?

And moreover, if choosing, Vault, should the vault’s lease time (default_lease_ttl) match the duration of the certificate configured in the plugin?

@rockeristul You can take an example config from Acme dB-less example. The config will be in YAML if the dbless config itself is in .yml file.
When using vault, there’s no relationship between the lease time to the certificate valid date. The certificate is created by Kong and stored in vault, not using vault’s PKI.
But do make sure the vault token passed to Kong is valid as there’s currently no renew of token happening.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ