how to set "DataSSLParams" in vertica 9.3

holakokhanholakokhan Vertica Customer
edited October 2020 in General Discussion

I generated the Certificate Authority (CA) private key, public certificate, "serverca.crt" and "servercakey.pem" based on this link:

https://www.vertica.com/docs/9.3.x/HTML/Content/Authoring/Security/TLS/GeneratingCertificatesAndKeys.htm

I run this query:
ALTER DATABASE mydb SET DataSSLParams =(
'-----BEGIN CERTIFICATE-----bnmhjhbvnghgjCx76S/b8iKPnbqxmq8dZKdA==-----END CERTIFICATE-----,
-----BEGIN CERTIFICATE-----MFHGHGFNGNe4CCQD7JL11nlk8fdvGnRew==-----END CERTIFICATE-----,
-----BEGIN RSA PRIVATE KEY-----MGHFGHGHGHGHAAKCAhiG4Uw==-----END RSAPRIVATE KEY-----,
-----BEGIN CERTIFICATE-----MIIDBjCGHGFHFGHGHCQ0BAQsFew==-----END CERTIFICATE-----');
and get this error:
SQL Error [3787] [22023]: [Vertica]VJDBC ROLLBACK: Invalid value for parameter
[Vertica]VJDBC ROLLBACK: Invalid value for parameter
I found that query in this links:
https://www.vertica.com/docs/9.3.x/HTML/Content/Authoring/Security/TLS/DataChannelTLS.htm?zoom_highlight=DataSSLParams
https://www.vertica.com/docs/9.3.x/HTML/Content/Authoring/Security/TLS/GeneratingCertificatesAndKeys.htm
And idea?
Vertica version 9.3

Answers

  • Bryan_HBryan_H Vertica Employee Administrator

    Try to run the command without parentheses around the value.

  • holakokhanholakokhan Vertica Customer

    @Bryan_H said:
    Try to run the command without parentheses around the value.

    I do that before, but I still have the same error.

  • Use in one line:
    SELECT SET_CONFIG_PARAMETER('DataSSLParams', '-----BEGIN CERTIFICATE----------END CERTIFICATE----------BEGIN CERTIFICATE----------END CERTIFICATE-----,-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----,-----BEGIN CERTIFICATE----------END CERTIFICATE-----');

  • SergeBSergeB - Select Field - Employee
    edited March 2021

    Looks like you have an extra comma between first two certificates, try to remove it.

  • hraohrao
    edited February 2022

    I'm getting same error "[Code: 3787, SQL State: 22023] [Vertica]VJDBC ROLLBACK: Invalid value for parameter" on Vertica 10.1 - tried all suggestion on this thread, no luck.
    ALTER DATABASE DEFAULT SET PARAMETER DataSSLParams = '-----BEGIN CERTIFICATE-----<MIIDWDCCAkACFF1QkGWkM9Xggw4NME+MS=>-----END CERTIFICATE----------BEGIN CERTIFICATE-----<MIID3TCCAsWgAwIBAgIUX4MdQHK/+>-----END CERTIFICATE-----,-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----, -----BEGIN CERTIFICATE-----<MIID2TCCAsGgAwIBAgIUFTyv+>-----END CERTIFICATE-----';
    Just wondering is it because of the issue with my certs/keys or is it with formatting of certs or syntax related?
    How was @holakokhan resolved it?
    Thanks

  • SruthiASruthiA Vertica Employee Administrator

    @hrao : Could you please open a support case to review this issue.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file