Turbonomic

Hi, someone has hit the following issue we got at our Turbonomic Lab:

We were assigned a valid SSL certificate for Turbonomic UI so to get it accesible from the Internet and to avoid security alerts from other Apps (like Apptio). 

We have at hand both the private key and the public cert. 

We installed it as instructed by (Optional) Adding a certificate for securing the Turbonomic UI

Instructions just include the ingress+name, the private key and the cert.

Upon restarting nginx pod, we are receiving the errors below, Turbo it is asking for the PEM password, but we couldnt figure out where do we have to pass that password to the configuration.

Besides, we are not sure if we need to add the CA certificate as well.  We suppose, as it is a valid SSL cert, it should not be necessary.

***** (rsyslog extract)

nginx-1: Starting nginx
nginx-1: 2024/12/03 21:15:07 [warn] 1#1: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: Enter PEM pass phrase:
nginx-1: Enter PEM pass phrase:
nginx-1: 2024/12/03 21:15:07 [emerg] 1#1: cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)
nginx-1: nginx: [emerg] cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)

*****

We undo the changes and nginx works ok

Any suggestions?

Thanks and regards

Hello Julio, best to log a ticket with support, they can help resolve this.  thanks

Hi, someone has hit the following issue we got at our Turbonomic Lab:

We were assigned a valid SSL certificate for Turbonomic UI so to get it accesible from the Internet and to avoid security alerts from other Apps (like Apptio). 

We have at hand both the private key and the public cert. 

We installed it as instructed by (Optional) Adding a certificate for securing the Turbonomic UI

Instructions just include the ingress+name, the private key and the cert.

Upon restarting nginx pod, we are receiving the errors below, Turbo it is asking for the PEM password, but we couldnt figure out where do we have to pass that password to the configuration.

Besides, we are not sure if we need to add the CA certificate as well.  We suppose, as it is a valid SSL cert, it should not be necessary.

***** (rsyslog extract)

nginx-1: Starting nginx
nginx-1: 2024/12/03 21:15:07 [warn] 1#1: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: Enter PEM pass phrase:
nginx-1: Enter PEM pass phrase:
nginx-1: 2024/12/03 21:15:07 [emerg] 1#1: cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)
nginx-1: nginx: [emerg] cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)

*****

We undo the changes and nginx works ok

Any suggestions?

Thanks and regards

Done, thank you

I will post the results here (if any)

Hello Julio, best to log a ticket with support, they can help resolve this.  thanks

Hi, someone has hit the following issue we got at our Turbonomic Lab:

We were assigned a valid SSL certificate for Turbonomic UI so to get it accesible from the Internet and to avoid security alerts from other Apps (like Apptio). 

We have at hand both the private key and the public cert. 

We installed it as instructed by (Optional) Adding a certificate for securing the Turbonomic UI

Instructions just include the ingress+name, the private key and the cert.

Upon restarting nginx pod, we are receiving the errors below, Turbo it is asking for the PEM password, but we couldnt figure out where do we have to pass that password to the configuration.

Besides, we are not sure if we need to add the CA certificate as well.  We suppose, as it is a valid SSL cert, it should not be necessary.

***** (rsyslog extract)

nginx-1: Starting nginx
nginx-1: 2024/12/03 21:15:07 [warn] 1#1: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: Enter PEM pass phrase:
nginx-1: Enter PEM pass phrase:
nginx-1: 2024/12/03 21:15:07 [emerg] 1#1: cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)
nginx-1: nginx: [emerg] cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)

*****

We undo the changes and nginx works ok

Any suggestions?

Thanks and regards

The response:

Hello Team,

Thank you for opening a case with IBM Turbonomic Support.

This message is to inform you that we have received your case, please feel free to continue to update the case with any additional information that may be relevant to your issue.

Unfortunately, we don't support certificates that have a password. You will need to use a certificate that is not password protected.

Please let me know if any questions.

Done, thank you

I will post the results here (if any)

Hello Julio, best to log a ticket with support, they can help resolve this.  thanks

Hi, someone has hit the following issue we got at our Turbonomic Lab:

We were assigned a valid SSL certificate for Turbonomic UI so to get it accesible from the Internet and to avoid security alerts from other Apps (like Apptio). 

We have at hand both the private key and the public cert. 

We installed it as instructed by (Optional) Adding a certificate for securing the Turbonomic UI

Instructions just include the ingress+name, the private key and the cert.

Upon restarting nginx pod, we are receiving the errors below, Turbo it is asking for the PEM password, but we couldnt figure out where do we have to pass that password to the configuration.

Besides, we are not sure if we need to add the CA certificate as well.  We suppose, as it is a valid SSL cert, it should not be necessary.

***** (rsyslog extract)

nginx-1: Starting nginx
nginx-1: 2024/12/03 21:15:07 [warn] 1#1: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /tmp/nginx/nginx.conf:136
nginx-1: Enter PEM pass phrase:
nginx-1: Enter PEM pass phrase:
nginx-1: 2024/12/03 21:15:07 [emerg] 1#1: cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)
nginx-1: nginx: [emerg] cannot load certificate key "/etc/nginx/certs/tls.key": PEM_read_bio_PrivateKey() failed (SSL: error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:07880109:common libcrypto routines::interrupted or cancelled error:1C80009F:Provider routines::unable to get passphrase error:1400006B:UI routines::processing error:while reading strings error:0480006D:PEM routines::problems getting password error:07880109:common libcrypto routines::interrupted or cancelled error:04800068:PEM routines::bad password read)

*****

We undo the changes and nginx works ok

Any suggestions?

Thanks and regards