I am setting up SSL configuration for Vertica 9.2. Seeing "Failed to Initialize SSL" error.

ravikumarcravikumarc Community Edition User
edited August 2021 in General Discussion

Seeing the following error at startup and not able to startup the database.

host ['xx.xx.xx.xx'] report: @v_verticadb_node0001: VX001/3380: Failed to initialize SSL
LOCATION: doInstallAndJoin, /data/qb_workspaces/jenkins2/ReleaseBuilds/Grader/REL-9_2_0-x_grader/build/vertica/Transaction/TransAPI.cpp:5531

In vertica logs
2021-08-05 19:23:33.002 Spread Service InOrder Queue:7f40a3b4c700 @v_verticadb_node0001: VX001/6211: Could not load server private key from
SSLPrivateKey config parameter: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

#

These are the steps I followed to configure SSL

Extracted the certificate

openssl pkcs12 -in campaigns.com.pfx -clcerts -nokeys -out server.crt

Extracted the key

openssl pkcs12 -in campaigns.com.pfx -nocerts -out encrypted_server.key
openssl rsa -in encrypted_server.key -out server.key

Extracted Intermediate and Root certs

openssl x509 -in "Intermediate_Medium Enrollment CA-1A.cer" -out intermediate.crt
openssl x509 -in " EPKI PROD ROOT CA Cert.cer" -out root.crt

Appended the 3 certificates into chain.crt

cat intermediate.crt >> chain.crt
cat root.crt >> chain.crt
cat server.crt >> chain.crt
cp chain.crt server.crt

Add the cert and key to verticadb

admintools -t set_ssl_params -d verticadb -k ./server.key -c ./server.crt
admintools -t start_db -d verticadb

Please let me know if these steps are not correct.

Answers

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file