Jared Kirschner

@thevilledev : I'm curious about your perspective as a Vault + Consul user on the environment variable precedence / naming conversation above.

`{prefix}_CA` has the advantage of allowing us to distinguish between the agent TLS CA and the service mesh (connect) CA in the future, were we to build a more direct...

@thevilledev : I'll make sure this gets a review in the next week. It looks like this slipped through the cracks.

Only windows is supported, not systemd/unix. The documentation is inaccurate*. Reference: The [os_service_unix.go](https://github.com/hashicorp/consul/blob/main/agent/checks/os_service_unix.go) source file makes it clear that unix isn't supported yet. The [original PR](https://github.com/hashicorp/consul/pull/13388) intentionally only addressed this...

Totally agree @the-maldridge. Technically correct is the worst kind of correct ;) Out of curiosity, what are you doing instead (since the OS Service health check type doesn't exist for...

Hi @reskin89, Thank you for reaching out. I hope to better understand what you're hoping to accomplish and anything we might be able to make clearer for someone in the...

Ah, yes - I thought the Github handle looked familiar! With that context, it sounds like `ca_file`, `cert_file`, and `key_file` are a red herring (because they are unrelated to the...

@reskin89 : Does the same problem occur in secondary if you never specify `PrivateKey` and `RootCert` in any datacenter (which causes Consul to generate its own)? I assume you're specifying...

My _guess_ is that you don't need to specify anything for `PrivateKey` and `RootCert` in the secondary datacenters, and that the secondary datacenters will generate a CSR that they ask...

@reskin89 : It seems like you've reverted back to the old state (with the Vault CA provider in the primary and secondaries). What happens if you try moving to the...