我在 Linux(CentOS 8)上运行 SQL Server Microsoft SQL Server 2017(RTM-CU19)(KB4535007)-14.0.3281.6(X64)
我正在尝试为传入连接设置 TLS 证书,并按照这些命令s
/opt/mssql/bin/mssql-conf set network.tlscert (path to pem file)
/opt/mssql/bin/mssql-conf set network.tlskey (path to key file)
/opt/mssql/bin/mssql-conf set network.tlsprotocols 1.2
/opt/mssql/bin/mssql-conf set network.forceencryption 1
然而,当服务器启动时,几秒钟后它会崩溃并出现以下错误:
2022-07-13 15:37:28.85 spid19s Error: 49941, Severity: 16, State: 1.
2022-07-13 15:37:28.85 spid19s Unable to load one or more of the user-specified certificate file(s). Verify that the certificate file(s) are of a supported format.
2022-07-13 15:37:28.89 spid19s Error: 49939, Severity: 16, State: 1.
2022-07-13 15:37:28.89 spid19s Unable to initialize user-specified certificate configuration. The server is being shut down. Verify that the certificate is correctly configured. Error[30]. State[51].
证书本身是使用 openssl 创建的。我有一个自签名 CA,我用它来签署我的所有证书。这些证书在其他应用程序(例如 NGINX / Tomcat)中运行正常,没有问题
我已验证证书主题和 SAN 条目均准确无误。
这个错误非常含糊。我不确定“支持的格式”是什么意思,微软网站上也没有任何内容表明这是什么。他们自己给出了使用 PEM 格式证书的示例。