Does CockroachDB support encyrpted private key?

Describe the problem

I have a node certificate pair with password encrypted key. I am facing an issue(log below) when starting node using this protected cert.

*
* ERROR: cannot load certificates.
* Check your certificate settings, set --certs-dir, or use --insecure for insecure clusters.
* 
* problem using security settings: tls: failed to parse private key
*
Failed running "start"

To Reproduce

  1. Create a node certificate by following cockroach doc for creating a security certificate, and make a minor change in process by encrypting the key with a passphrase.
  2. Start CockroachDB node using newly created certs.

Expected behavior
Flag to pass a file to read the passphrase from or command line input for the cert passphrase.

Environment:

  • CockroachDB version: v19.1.0
  • Server OS: Linux/Ubunut
  • Client app: cockroach sql

Hey @themontem,

At the moment we do not support encrypted private keys. I will go ahead and create a feature request and share that with you once it’s been created.

Thanks,

Ron

Hey @themontem,

Here is the Github issue that you can follow.

Thanks,

Ron

Thanks @ronarev for creating a feature request.

1 Like