Details
-
Bug
-
Resolution: Fixed
-
Major
-
7.1.0
-
7.1.0-1489
-
Untriaged
-
1
-
Unknown
Description
to repro:
- create client certificate
- convert private key to pkcs8, for example: openssl pkcs8 -topk8 -inform PEM -outform PEM -v2 des3 -in travel-sample.key -out travel-sample-pkcs8-nocrypt-v2.key -nocrypt
Fail to connect:
# /opt/couchbase/bin/cbq -e https://172.23.104.90 -cacert ../ca.pem -cert travel-sample.pem -key travel-sample-pkcs8-nocrypt-v2.key |
ERROR 100 : x509KeyPair: parsePrivateKey, err: parsePrivateKey: failed to parse private key |
Also note that if using encrypted key you need to pass in the pk password via -p but also a dummy user via -u.
# /opt/couchbase/bin/cbq -e https://172.23.104.90 -cacert ../ca.pem -cert travel-sample.pem -key travel-sample-pkcs8-crypt-v2.key -p mypassword |
ERROR 100 : x509KeyPair: parsePrivateKey, err: parsePrivateKey: failed to parse private key |
Path to history file for the shell : /root/.cbq_history |
|
# /opt/couchbase/bin/cbq -e https://172.23.104.90 -cacert ../ca.pem -cert travel-sample.pem -key travel-sample-pkcs8-crypt-v2.key -p mypassword -u foo |
Connected to : https://172.23.104.90:18091/. Type Ctrl-D or \QUIT to exit. Path to history file for the shell : /root/.cbq_history |
cbq>
|
Note travel-sample-pkcs8-crypt-v2.key is create with following command: openssl pkcs8 -topk8 -inform PEM -outform PEM -v2 des3 -in travel-sample.key -out travel-sample-pkcs8-crypt-v2.key -passout pass:mypassword