Please take this survey to help us learn more about how you use third party tools. Your input is greatly appreciated!

I am setting up SSL configuration for Vertica 9.2. Seeing "Failed to Initialize SSL" error.

Seeing the following error at startup and not able to startup the database.

host ['xx.xx.xx.xx'] report: @v_verticadb_node0001: VX001/3380: Failed to initialize SSL
LOCATION: doInstallAndJoin, /data/qb_workspaces/jenkins2/ReleaseBuilds/Grader/REL-9_2_0-x_grader/build/vertica/Transaction/TransAPI.cpp:5531

In vertica logs
2021-08-05 19:23:33.002 Spread Service InOrder Queue:7f40a3b4c700 @v_verticadb_node0001: VX001/6211: Could not load server private key from
SSLPrivateKey config parameter: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

#

These are the steps I followed to configure SSL

Extracted the certificate

openssl pkcs12 -in campaigns.com.pfx -clcerts -nokeys -out server.crt

Extracted the key

openssl pkcs12 -in campaigns.com.pfx -nocerts -out encrypted_server.key
openssl rsa -in encrypted_server.key -out server.key

Extracted Intermediate and Root certs

openssl x509 -in "Intermediate_Medium Enrollment CA-1A.cer" -out intermediate.crt
openssl x509 -in " EPKI PROD ROOT CA Cert.cer" -out root.crt

Appended the 3 certificates into chain.crt

cat intermediate.crt >> chain.crt
cat root.crt >> chain.crt
cat server.crt >> chain.crt
cp chain.crt server.crt

Add the cert and key to verticadb

admintools -t set_ssl_params -d verticadb -k ./server.key -c ./server.crt
admintools -t start_db -d verticadb

Please let me know if these steps are not correct.

Answers

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file

Can't find what you're looking for? Search the Vertica Documentation, Knowledge Base, or Blog for more information.