When setting up the vault plugin from 8.0.15-5 packages, I'm getting the following error on Cosmic:
2019-03-04T20:13:51.295047Z 0 [System] [MY-011197] [Server] Plugin keyring_vault reported: 'CURL returned this error code: 60 with error message : server certificate verification failed. CAfile: /package-testing/scripts/ps_keyring_plugins_test/test.cer CRLfile: none'
2019-03-04T20:13:51.295068Z 0 [System] [MY-011197] [Server] Plugin keyring_vault reported: 'Could not retrieve list of keys from Vault.'
2019-03-04T20:13:51.295091Z 0 [ERROR] [MY-011371] [Server] Plugin keyring_vault reported: 'Error while loading keyring content. The keyring might be malformed'
2019-03-04T20:13:51.295105Z 0 [System] [MY-011197] [Server] Plugin keyring_vault reported: 'keyring_vault initialization failure. Please check that the keyring_vault_config_file points to readable keyring_vault configuration file. Please also make sure Vault is running and accessible. The keyring_vault will stay unusable until correct configuration file gets provided.'
2019-03-04T20:13:51.761799Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2019-03-04T20:13:51.803169Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.15-5' socket: '/var/run/mysqld/mysqld.sock' port: 3306 Percona Server (GPL), Release '5', Revision '517f714'.
2019-03-04T20:13:51.920372Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Socket: '/var/run/mysqld/mysqlx.sock' bind-address: '::' port: 33060
2019-03-04T20:14:10.691174Z 8 [ERROR] [MY-012676] [InnoDB] Check keyring plugin fail, please check the keyring plugin is loaded.
I can't reproduce it on Cosmic with 8.0.13-4, and on other distributions with 8.0.15-5.
Files and test(s) can be found on github.
Not sure if changes in the: https://github.com/percona/percona-server/blob/8.0/plugin/keyring_vault/i_vault_curl.h could be causing this (that's the only thing that looks changed in the vault plugin between the versions).