We’ve setup a cluster with certificates (followed by the docs) and now I’m trying to access “sql”, but I’m getting the following error:
Welcome to the cockroach SQL interface. All statements must be terminated by a semicolon. To exit: CTRL + D. Error: pq: user root must use certificate authentication instead of password authentication Failed running "sql"
And in the cockroachdb log file stands: (note: I’ve replaced the ipv4 and port)
server/server.go:1537 [n1,client=<ipv4>:<port>] user root must use certificate authentication instead of password authentication
What am I doing wrong in this case?
How cockroach is running:
/usr/local/bin/cockroach start --certs-dir=/etc/cockroachdb/certs --store=/data/cockroach --host=cro00.test.ownhost.local --port=26257 --http-host=localhost --http-port=7005 --logtostderr=ERROR --insecure=false --cache=.25 --max-sql-memory=.25
How I try to access the “sql”:
/usr/local/bin/cockroach sql --certs-dir=/etc/cockroachdb/certs --host=cro00.test.ownhost.local
cockroach sql --certs-dir=/etc/cockroachdb/certs --host=cro00.test.ownhost.local
I’ve checked the certs, made them, just lik the docs said, 0700 but that didn’t solve the issue.
After that I’ve tried with “sudo -user=” in front just in order to run the command with the cockroach user, but that resulted in a “panic: could not find absolute path for path cockroach-data: stat .: permission denied”. When I executed the “sudo -user”-command, the cockroach was not able to read the key / certs even when the group and users are the same as the system user of cockroach.
Build Tag: v2.0.3 Build Time: 2018/06/18 16:11:33 Distribution: CCL Platform: linux amd64 (x86_64-unknown-linux-gnu) Go Version: go1.10 C Compiler: gcc 6.3.0 Build SHA-1: 91715a9a95edbe716912173204fa4c0fc6724457 Build Type: release