Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
944 views
in Technique[技术] by (71.8m points)

openssl - SQL Server crashes when trying to backup certificate

I am trying to create backup certificate from primary to create certificates on secondary nodes for an availability group. Using the following:

    CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password123';
    CREATE CERTIFICATE dbm_certificate WITH SUBJECT = 'dbm';
    
    BACKUP CERTIFICATE dbm_certificate
       TO FILE = 'dbm_certificate.cer'
       WITH PRIVATE KEY (
               FILE = 'dbm_certificate.pvk',
               ENCRYPTION BY PASSWORD = '123password'
           );

The master key and certificate creation are successful but the BACKUP CERTIFICATE returns:

A transport-level error has occurred when receiving results from the server. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)

This seems to be caused by a core dump by sql giving the following log:

This program has encountered a fatal error and cannot continue running at Tue Jan 26 12:25:05 2021
The following diagnostic information is available:

         Reason: 0x00000001
         Signal: SIGABRT - Aborted (6)
          Stack:
                 IP               Function
                 ---------------- --------------------------------------
                 0000559b81252023 malloc_usable_size+0x9e103
                 0000559b81251afe malloc_usable_size+0x9dbde
                 0000559b8125111a malloc_usable_size+0x9d1fa
                 00007fbabc90d400 __restore_rt+0x0
                 00007fbabc90d387 gsignal+0x37
                 00007fbabc90ea78 abort+0x148
                 00007fbabb5ecc8f OpenSSLDie+0x1f
                 00007fbabb6aadcc bad_do_cipher+0x1c
                 00007fbabb6aafba EVP_EncryptUpdate+0xda
                 0000559b8120c8ce malloc_usable_size+0x589ae
                 0000559b8120c4c2 malloc_usable_size+0x585a2
                 0000559b811d60d5 malloc_usable_size+0x221b5
                 0000559b811d5d99 malloc_usable_size+0x21e79
        Process: 11391 - sqlservr
         Thread: 11513 (application thread 0x1c4)
    Instance Id: 2b6201eb-eeba-4f82-8007-7e3ef630be1a
       Crash Id: 98fa6ae2-ac80-4454-839a-06ffba21260a
    Build stamp: 86f25b9af3192b748396bd75b5bf3eceb3e2e62a8c2271521d281f5a53463d38
   Distribution: Red Hat Enterprise Linux
     Processors: 4
   Total Memory: 8370020352 bytes
      Timestamp: Tue Jan 26 12:25:05 2021

Removing the WITH PRIVATE KEY allows the command to succeed creating dbm_certificate in the data folder. This lead me to believe the issue was with OPENSSL and the encryption of private key. I have installed MSSQL 2019 on Red Hat 7.9 with OPENSSL 1.0.2k. I have created symlinks to OPENSSL in /opt/mssql/lib as well as adding :

[Service]
Environment="LD_LIBRARY_PATH=/opt/mssql/lib"

to the mssql-server service.

question from:https://stackoverflow.com/questions/65907417/sql-server-crashes-when-trying-to-backup-certificate

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...