Vault Config File (/etc/vault/config.json)

config.json

disable_cache = true
disable_mlock = true
ui = true
listener "tcp" {
    address = "0.0.0.0:8200"
    tls_disable = 0
    tls_cert_file = "/etc/letsencrypt/live/vault.example.com/fullchain.pem"
    tls_key_file = "/etc/letsencrypt/live/vault.example.com/privkey.pem"
}
storage "file" {
  path = "/etc/vault/data"
}
max_lease_ttl = "10h"
default_lease_ttl = "10h"

Edit: For anyone coming here from the future with a 404 error -> make sure the "UI" part of the object is on top of the json. First reported here: https://stackoverflow.com/a/58320850/9490453

Hi, I've followed the exact steps and config with a AWS EC2 Instance. A Loadbancer -> target group -> ec2, I get the SSL certificate - but it says 404 not found. Any idea why?

Edit logs:

Attaching to vault
vault | ==> Vault server configuration:
vault |
vault | Cgo: disabled
vault | Go Version: go1.17.5
vault | Listener 1: tcp (addr: "0.0.0.0:443", cluster address: "0.0.0.0:444", max_request_duration: "1m30s", max_request_size: "33554432", tl
s: "enabled")
vault | Log Level: info
vault | Mlock: supported: true, enabled: true
vault | Recovery Mode: false
vault | Storage: file
vault | Version: Vault v1.9.3
vault | Version Sha: 7dbdd57243a0d8d9d9e07cd01eb657369f8e1b8a
vault |
vault | ==> Vault server started! Log data will stream in below:
vault |
vault | 2022-02-05T13:22:23.497Z [INFO] proxy environment: http_proxy="""" https_proxy="""" no_proxy=""""
vault | 2022-02-05T13:22:23.497Z [WARN] no api_addr value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this valu
e should be manually set
vault | 2022-02-05T13:22:23.525Z [INFO] core: Initializing VersionTimestamps for core