JWKS endpoint returns HTTP Error 500
## Summary

When trying to connect a self-hosted Vault instance to a self-hosted GitLab, both running on AWS EKS, the endpoint https://gitlab-domain/-/jwks returns HTTP Error 500.

## Steps to reproduce

Install GitLab with helm charts on Kubernetes and access the URL https://gitlab-domain/-/jwks

## Current behavior

HTTP Error 500 is thrown

## Expected behavior

Seeing the JSON Web Key Set

## Versions

- Chart: Original installation was 14.4.1, now running 15.0.1
- Platform:
  - Cloud: EKS
- Kubernetes: (`kubectl version`)
  - Client: 1.21
  - Server: 1.21
- Helm: (`helm version`)
  - Client: 3.6

## Relevant logs

From the gitlab-webservice-default pod:

```
Completed 500 Internal Server Error
OpenSSL::PKey::RSAError (Neither PUB key nor PRIV key: nested asn1 error):
```

## Fixes

I had to reformat openid_connect_signing_key and ci_jwt_signing_key and reinsert them into the gitlab-rails-secret. They are originally saved in a string format that is not parseable by OpenSSL. Once generated in 14.4.1, the gitlab-rails-secret seems to be moved forward through updates and resulted in the above error even in version 15.0.1.
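A check for the failure reported above, added here as an example (it is not code from the reporter or from the GitLab project): it loads the two signing keys named in the issue with the same OpenSSL RSA parser that raised the error and reports which ones fail. It assumes the secret's payload is a YAML document with the keys under a `production` section; the sample input is constructed, and its single-line damage is only one illustrative way a PEM string can become unparseable.

```ruby
require "openssl"
require "yaml"

# Key names as given in the issue text.
SIGNING_KEYS = %w[openid_connect_signing_key ci_jwt_signing_key].freeze

# Try to load each signing key with OpenSSL's RSA parser.
# Returns { name => :ok } or { name => "reason" }; key material is never echoed.
# Assumption: the keys sit under a top-level environment section ("production").
def check_signing_keys(secrets_yaml, env: "production")
  doc = YAML.safe_load(secrets_yaml)
  section = doc.is_a?(Hash) ? doc.fetch(env, nil) : nil
  section = {} unless section.is_a?(Hash)
  SIGNING_KEYS.to_h do |name|
    value = section[name]
    next [name, "missing"] if value.nil? || value.to_s.strip.empty?
    begin
      key = OpenSSL::PKey::RSA.new(value.to_s)
      [name, key.private? ? :ok : "parses, but holds no private key"]
    rescue OpenSSL::PKey::PKeyError => e
      # RSAError ("Neither PUB key nor PRIV key ...") is a PKeyError
      [name, "unparseable: #{e.message}"]
    end
  end
end

# Constructed sample: one intact throwaway key, one folded onto a single line.
def sample_secrets_yaml
  pem = OpenSSL::PKey::RSA.new(2048).to_pem
  { "production" => {
    "openid_connect_signing_key" => pem,
    "ci_jwt_signing_key" => pem.gsub("\n", " ").strip
  } }.to_yaml
end

if __FILE__ == $PROGRAM_NAME
  # With a path argument, check that (already decoded) file; otherwise the sample.
  yaml = ARGV[0] ? File.read(ARGV[0]) : sample_secrets_yaml
  results = check_signing_keys(yaml)
  results.each { |name, status| puts "#{name}: #{status}" }
  exit 1 if ARGV[0] && results.values.any? { |s| s != :ok }
end
```

Run against a decoded copy of the secret before and after an upgrade, a non-zero exit flags a key that would make `/-/jwks` fail; treat that decoded file as sensitive and delete it afterwards.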