Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cli: cockroach sql fails after successful connect and start-single-node without arguments #61616

Open
knz opened this issue Mar 8, 2021 · 1 comment
Open

cli: cockroach sql fails after successful connect and start-single-node without arguments #61616

knz opened this issue Mar 8, 2021 · 1 comment
Labels
A-authentication Pertains to authn subsystems A-cli-admin CLI commands that pertain to controlling and configuring nodes A-cli-client CLI commands that pertain to using SQL features A-security C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. S-3-ux-surprise Issue leaves users wondering whether CRDB is behaving properly. Likely to hurt reputation/adoption. T-server-and-security DB Server & Security
Projects
DB Server & Security

Comments

@knz
Copy link
Contributor

knz commented Mar 8, 2021
edited

The following two commands succeed without any additional arguments:

% cockroach connect --single-node
% cockroach start-single-node

Then after issuing the following command, which was recommended by the output of connect:

% ./cockroach cert create-client root --ca-key=~/.cockroach-certs/ca-client.key

invocation of cockroach sql without argument fails:

% ./cockroach sql
[...]
ERROR: x509: certificate is valid for kenax, not localhost
Failed running "sql"

This is because of a design mismatch:

  • connect and start commands use the "hostname" of the machine
  • sql and other client commands default to localhost
  • connect command does not populate localhost into the cert unless requested explicitly

What to do about this?

cc @aaron-crl @itsbilal

Part of #60632

Jira issue: CRDB-6274
Epic: CRDB-6663
@knz knz added C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. S-3-ux-surprise Issue leaves users wondering whether CRDB is behaving properly. Likely to hurt reputation/adoption. A-cli A-security labels Mar 8, 2021
@knz knz added this to To do in DB Server & Security via automation Mar 8, 2021
@knz knz mentioned this issue Mar 8, 2021
Closed
@knz knz added A-cli-admin CLI commands that pertain to controlling and configuring nodes A-cli-client CLI commands that pertain to using SQL features and removed A-cli labels Mar 20, 2021
@jlinder jlinder added the T-server-and-security DB Server & Security label Jun 16, 2021
@knz knz added the A-authentication Pertains to authn subsystems label Jul 29, 2021
@knz knz moved this from To do to Linked issues (from the roadmap columns on the right) in DB Server & Security Jul 29, 2021
@Ydot19
Copy link

Ydot19 commented Mar 7, 2022

Been pounding my head trying to get this to work and it is a known issue 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-authentication Pertains to authn subsystems A-cli-admin CLI commands that pertain to controlling and configuring nodes A-cli-client CLI commands that pertain to using SQL features A-security C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. S-3-ux-surprise Issue leaves users wondering whether CRDB is behaving properly. Likely to hurt reputation/adoption. T-server-and-security DB Server & Security
Projects
DB Server & Security
  
Linked issues (from the roadmap colum...
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jlinder @knz @Ydot19