Guest

Preview Tool

Cisco Bug: CSCvv23233 - CMX HA failure due to Postgres connection failed

Last Modified

Aug 26, 2020

Products (1)

  • Cisco Mobility Services Engine

Known Affected Releases

10.6(2)

Description (partial)

Symptom:
cannot built CMX HA due to Postgres connection failed

---

2020-07-01 14:00:41,360 - cmxha.verify.PostgresChecker[check_connect()]:50 - ERROR - Postgres connection failed for: 10.x.x.x : psql: could not load private key file "/opt/cmx/srv/certs/cmxadmin-server.key": Permission denied

---

Conditions:
restoring the backup to the CMX.  the permissions of some files on /opt/cmx/srv/certs/ are changed wrongly. 

// before restoring the backup 
$ ls -lk /opt/cmx/srv/certs/

-r--------. 1 cmxadmin cmxadmin 3244  5月 1 18:59 cmxadmin-server.key  <<<< 
drwx------. 2 cmx      cmx      4100  5月 1 18:59 crl
-rw-r--r--. 1 cmx      cmx      3909  5月 1 18:59 keystore
-rw-r--r--. 1 cmxadmin cmxadmin    0  5月 1 18:59 peerca.crt
-rw-r--r--. 1 cmxadmin cmxadmin    0  5月 1 18:59 peerroot.key

// after restoring the backup


$ ls -lk /opt/cmx/srv/certs/

total 36
-rw-r--r--. 1 cmx cmx 1939 Jul  7 10:40 ca.crt
-r--------. 1 cmx cmx 3243 Jul  7 10:40 cmxadmin-server.key   <<<< 
drwx------. 2 cmx cmx    6 Jul  7 10:40 crl
-rw-r--r--. 1 cmx cmx 3895 Jul  7 10:40 keystore
-rw-r--r--. 1 cmx cmx    0 Jul  7 10:40 peerca.crt
-rw-r--r--. 1 cmx cmx    0 Jul  7 10:40 peerroot.key
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.