FATAL: could not load private key file "/etc/pki/tls/private/pg-spacewalk.key": key values mismatch
This document (000021369) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Manager 4.3
Situation
After upgrading the SUMA server from version 4.2 to 4.3, the postgresql service failed to start with the following errors:
systemctl status postgresql.service × postgresql.service - PostgreSQL database server Loaded: loaded (/usr/lib/systemd/system/postgresql.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Fri 2024-01-19 07:23:33 CET; 33s ago Process: 1704 ExecStart=/usr/share/postgresql/postgresql-script start (code=exited, status=1/FAILURE) Jan 19 07:23:32 sl12 systemd[1]: Starting PostgreSQL database server... Jan 19 07:23:33 sl12 postgresql-script[1800]: 2024-01-19 07:23:33.237 CET [1800]FATAL: could not load private key file "/etc/pki/tls/private/pg-spacewalk.key": key values mismatch Jan 19 07:23:33 sl12 postgresql-script[1800]: 2024-01-19 07:23:33.237 CET [1800]LOG: database system is shut down Jan 19 07:23:33 sl12 postgresql-script[1795]: pg_ctl: could not start server Jan 19 07:23:33 sl12 postgresql-script[1795]: Examine the log output. Jan 19 07:23:33 sl12 systemd[1]: postgresql.service: Control process exited, code=exited, status=1/FAILURE Jan 19 07:23:33 sl12 systemd[1]: postgresql.service: Failed with result 'exit-code'. Jan 19 07:23:33 sl12 systemd[1]: Failed to start PostgreSQL database server.
Resolution
1) Please verify both file contents are supposed to be "identical":
# md5sum /etc/pki/tls/private/spacewalk.key
# md5sum /etc/pki/tls/private/pg-spacewalk.key
2) If both file contents do not match, please do a backup and copy the key content from the spacewalk.key to pg.spacewalk.key.
# mkdir /tmp/backup/
# mv /etc/pki/tls/private/pg-spacewalk.key /tmp/backup/
** Make sure that the file exists in the backup directory => ll /tmp/backup/
# cp -va /etc/pki/tls/private/spacewalk.key /etc/pki/tls/private/pg-spacewalk.key
3) Ensure the file's permission is correct:
# ls -lah /etc/pki/tls/private/pg-spacewalk.key
-rw------- 1 postgres postgres 1.7K Jan 10 17:15 /etc/pki/tls/private/pg-spacewalk.key
If not, please correct it with the following commands:
# chmod 600 /etc/pki/tls/private/pg-spacewalk.key
# chown postgres:postgres /etc/pki/tls/private/pg-spacewalk.key
4) Then restart the spacewalk service again and check the service status:
# spacewalk-service restart
# spacewalk-service status
# md5sum /etc/pki/tls/private/spacewalk.key
# md5sum /etc/pki/tls/private/pg-spacewalk.key
2) If both file contents do not match, please do a backup and copy the key content from the spacewalk.key to pg.spacewalk.key.
# mkdir /tmp/backup/
# mv /etc/pki/tls/private/pg-spacewalk.key /tmp/backup/
** Make sure that the file exists in the backup directory => ll /tmp/backup/
# cp -va /etc/pki/tls/private/spacewalk.key /etc/pki/tls/private/pg-spacewalk.key
3) Ensure the file's permission is correct:
# ls -lah /etc/pki/tls/private/pg-spacewalk.key
-rw------- 1 postgres postgres 1.7K Jan 10 17:15 /etc/pki/tls/private/pg-spacewalk.key
If not, please correct it with the following commands:
# chmod 600 /etc/pki/tls/private/pg-spacewalk.key
# chown postgres:postgres /etc/pki/tls/private/pg-spacewalk.key
4) Then restart the spacewalk service again and check the service status:
# spacewalk-service restart
# spacewalk-service status
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021369
- Creation Date: 26-Feb-2024
- Modified Date:26-Feb-2024
-
- SUSE Manager Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
