34 lines
1.3 KiB
Plaintext
34 lines
1.3 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Upgrading to Vault 1.10.x - Guides
|
|
description: |-
|
|
This page contains the list of deprecations and important or breaking changes
|
|
for Vault 1.10.x. Please read it carefully.
|
|
---
|
|
|
|
# Overview
|
|
|
|
This page contains the list of deprecations and important or breaking changes
|
|
for Vault 1.10.x compared to 1.9. Please read it carefully.
|
|
|
|
## SSH Secrets Engine
|
|
|
|
The new default value of `algorithm_signer` for SSH CA roles has been changed
|
|
to `rsa-sha2-256` from `ssh-rsa`. Existing roles will be migrated to
|
|
explicitly specify the `algorithm_signer=ssh-rsa` for RSA keys if they used
|
|
the implicit (empty) default, but newly created roles will use the new default
|
|
value (preferring a literal `default` which presently uses `rsa-sha2-256`).
|
|
|
|
### Etcd v2 API no longer supported
|
|
|
|
Support for the Etcd v2 API is removed in Vault 1.10. The Etcd v2 API
|
|
was deprecated with the release of [Etcd v3.5](https://etcd.io/blog/2021/announcing-etcd-3.5/),
|
|
and will be decommissioned in a forthcoming Etcd release.
|
|
|
|
Users of the `etcd` storage backend with the etcdv2 API that are
|
|
upgrading to Vault 1.10 should [migrate](/docs/commands/operator/migrate)
|
|
Vault storage to an Etcd v3 cluster prior to upgrading to Vault 1.10.
|
|
All storage migrations should have
|
|
[backups](/docs/concepts/storage#backing-up-vault-s-persisted-data)
|
|
taken prior to migration.
|