From the error message below, what is missing from the Consul agent configuration file?

Your colleague has deployed a new Consul cluster, and you want to double-check the encryption key used for gossip communication. You open up an SSH session to a Consul node and type the command consul keyring -list but receive the following error.

$ consul keyring -list

==> Gathering installed encryption keys…

A. the encryption parameter with a value of true or 1
B. the encrypt parameter and the corresponding value
C. the gossip parameter and a value of true
D. configuration for the tls certificate, the private key, and the CA bundle

Answer: B

Explanation:

In the configuration file, the encrypt parameter must be used to enable gossip encryption and set the gossip encryption key. The provided key is automatically persisted to the data directory and loaded automatically whenever the agent is restarted. The fact that the key is persisted in the data directory means that in order to encrypt Consul’s gossip protocol, this option only needs to be provided once on each agent’s initial startup sequence.

https://www.consul.io/docs/agent/options.html#_encrypt
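
One way to check an agent configuration for the condition this question tests, as an added example that is not from the original page or from Consul itself. It assumes a JSON-format agent configuration and goes one step beyond the explanation by also checking that the key base64-decodes to 16, 24 or 32 bytes; the function name, sample configurations and key are constructed for illustration.

```python
import base64
import binascii
import json

# Key sizes accepted by Consul's gossip layer (AES-128/192/256).
VALID_KEY_SIZES = (16, 24, 32)


def check_gossip_encryption(config_text):
    """Return (ok, reason) for a JSON-format Consul agent configuration."""
    try:
        config = json.loads(config_text)
    except json.JSONDecodeError as exc:
        return False, f"config is not valid JSON: {exc.msg}"
    if not isinstance(config, dict):
        return False, "config must be a JSON object"
    key = config.get("encrypt")
    if key is None:
        return False, "encrypt parameter is missing"
    if not isinstance(key, str) or not key:
        return False, "encrypt must be a non-empty base64 string"
    try:
        raw = base64.b64decode(key, validate=True)
    except (binascii.Error, ValueError):
        return False, "encrypt value is not valid base64"
    if len(raw) not in VALID_KEY_SIZES:
        return False, f"decoded key is {len(raw)} bytes, expected 16, 24 or 32"
    return True, f"encrypt is set to a {len(raw)}-byte key"


# Constructed sample configurations; the key material is a placeholder, not a real key.
SAMPLE_KEY = base64.b64encode(bytes(range(32))).decode()
SAMPLES = {
    "no encrypt parameter": '{"datacenter": "dc1", "data_dir": "/opt/consul", "server": true}',
    "wrong parameter name": '{"data_dir": "/opt/consul", "encryption": true}',
    "key too short": json.dumps({"data_dir": "/opt/consul", "encrypt": "c2hvcnQ="}),
    "valid": json.dumps({"data_dir": "/opt/consul", "encrypt": SAMPLE_KEY}),
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        ok, reason = check_gossip_encryption(text)
        print(f"{'PASS' if ok else 'FAIL'}  {name}: {reason}")
```

The "wrong parameter name" sample mirrors option A: a parameter called encryption is not the encrypt parameter, so the check reports the key as missing.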
