Uploaded image for project: 'Percona XtraDB Cluster'
  1. Percona XtraDB Cluster
  2. PXC-732

Improve SST SSL encryption error message

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: 5.6.x
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Improve SST SSL ecryption error message if there is any certificate file missing,

      Testcase:-

      $ ls -l pxc-node/*.pem
-rw------- 1 ramesh ramesh 1680 Nov 21 04:03 pxc-node/ca-key.pem
-rw-r--r-- 1 ramesh ramesh 1079 Nov 21 04:03 pxc-node/ca.pem
-rw-r--r-- 1 ramesh ramesh 1087 Nov 21 04:03 pxc-node/client-cert.pem
-rw------- 1 ramesh ramesh 1676 Nov 21 04:03 pxc-node/client-key.pem
-rw------- 1 ramesh ramesh 1676 Nov 21 04:03 pxc-node/private_key.pem
-rw-r--r-- 1 ramesh ramesh  452 Nov 21 04:03 pxc-node/public_key.pem
-rw-r--r-- 1 ramesh ramesh 1087 Nov 21 04:03 pxc-node/server-cert.pem
-rw------- 1 ramesh ramesh 1676 Nov 21 04:03 pxc-node/server-key.pem
$

      ca-cert..pem is not present in PXC database dir. As per error log server did not print missing file name:

      WSREP_SST: [INFO] Evaluating timeout -s9 100 socat -u openssl-listen:4444,reuseaddr,cert=/home/ramesh/pxc_sec/57pxc/pxc-node/server-cert.pem,key=/home/ramesh/
pxc_sec/57pxc/pxc-node/server-key.pem,cafile=/home/ramesh/pxc_sec/57pxc/pxc-node/ca-cert.pem,verify=1,dhparam=/home/ramesh/pxc_sec/57pxc/pxc-node//dhparams.pe
m stdio | xbstream -x; RC=( ${PIPESTATUS[@]} ) (20161121 05:58:04.820)
2016/11/21 05:58:04 socat[29483] E SSL_CTX_load_verify_locations(): error:02001002:system library:fopen:No such file or directory
WSREP_SST: [ERROR] Error while getting data from donor node:  exit codes: 1 0 (20161121 05:58:04.829)
WSREP_SST: [ERROR] Cleanup after exit with status:32 (20161121 05:58:04.832)
2016-11-21T10:58:04.843893Z 0 [ERROR] WSREP: Process completed with error: wsrep_sst_xtrabackup-v2 --role 'joiner' --address '208.88.225.240' --datadir '/home
/ramesh/pxc_sec/57pxc/pxc-node/' --defaults-file '/home/ramesh/pxc_sec/57pxc/my.cnf' --defaults-group-suffix '' --parent '29046'  '' : 32 (Broken pipe)
2016-11-21T10:58:04.843931Z 0 [ERROR] WSREP: Failed to read uuid:seqno from joiner script.

        Attachments

          Activity

            People

            Assignee:
            kenn.takara Kenn Takara
            Reporter:
            ramesh.sivaraman Ramesh Sivaraman (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Smart Checklist