What is the reason for the error "SSLCert must have a private key" when trying to set up a MongoDB datasource using SSL in TIBCO Data Virtualization?

What is the reason for the error "SSLCert must have a private key" when trying to set up a MongoDB datasource using SSL in TIBCO Data Virtualization?

book

Article ID: KB0070110

calendar_today

Updated On:

Products Versions
TIBCO Data Virtualization All supported versions.

Description

A MongoDB datasource setup might lead to an error as below:  
ERROR [jetty thread pool-317117] 2024-04-08 02:53:44.074 -0700 MongoDBConnectionFactory - 0 [Connection: 16]Failed to get hello response from dbmghydprddbgtprda:27,117, SSLCert must have a private key..
ERROR [jetty thread pool-317117] 2024-04-08 02:53:44.076 -0700 MongoDBConnectionFactory - 0 [Connection: 16]Failed to get hello response from dbmghydprddbgtprdb:27,117, SSLCert must have a private key..
ERROR [jetty thread pool-317117] 2024-04-08 02:53:44.078 -0700 MongoDBConnectionFactory - 0 [Connection: 16]Failed to get hello response from dbmghydprddbgtprdc:27,117, SSLCert must have a private key..
INFO [jetty thread pool-317117] 2024-04-08 02:53:44.080 -0700 MongoDBConnectionFactory - 1 [16|Q-Id][INFO|Connec] Executed connect: Error: SSLCert must have a private key.
INFO [jetty thread pool-317117] 2024-04-08 02:53:44.080 -0700 MongoDBConnectionFactory - 2 [16|Q-Id]SSLCert must have a private key.
XcdataXmongodbX230X8839.eie
at XcdataXmongodbX230X8839.jq.e(Unknown Source)
at XcdataXmongodbX230X8839.dbe.b(Unknown Source)
at XcdataXmongodbX230X8839.ope.a(Unknown Source)
at XcdataXmongodbX230X8839.mpe.a(Unknown Source)
at XcdataXmongodbX230X8839.zle.i(Unknown Source)
at XcdataXmongodbX230X8839.zle.a(Unknown Source)
at XcdataXmongodbX230X8839.ame.a(Unknown Source)
at XcdataXmongodbX230X8839.ame.a(Unknown Source)
at XcdataXmongodbX230X8839.bme.i(Unknown Source)
at XcdataXmongodbX230X8839.zyc.i(Unknown Source)
at XcdataXmongodbX230X8839.bud.i(Unknown Source)
at XcdataXmongodbX230X8839.lgc.i(Unknown Source)
at XcdataXmongodbX230X8839.kwb.aZ(Unknown Source)
at XcdataXmongodbX230X8839.kwb.i(Unknown Source)
at XcdataXmongodbX230X8839.kwb.j(Unknown Source)
at XcdataXmongodbX230X8839.ttb.j(Unknown Source)
at XcdataXmongodbX230X8839.vtb.a(Unknown Source)
at XcdataXmongodbX230X8839.vtb.a(Unknown Source)
at com.cdata.cis.mongodb.MongoDBConnectionFactory.create(Unknown Source)
...
ERROR [jetty thread pool-317117] 2024-04-08 02:53:44.080 -0700 MongoDBConnectionFactory - 0 [16|Q-Id][INFO|Connec] Failed to open MongoDB connection. Version: [23.0.8839.0]. Edition: [CIS Adapter].
INFO [jetty thread pool-317117] 2024-04-08 02:53:44.080 -0700 MongoDBConnectionFactory - 1 [16|Q-Id][INFO|Connec] Closed MongoDB connection
ERROR [jetty thread pool-317117] 2024-04-08 02:53:44.080 -0700 MongoDBConnectionFactory - 0 SSLCert must have a private key.
This error suggests that there is an issue with the SSL certificate that is being used.

Issue/Introduction

This article will explain the reason why the error "SSLCert must have a private key" can be observed in TIBCO Data Virtualization.

Environment

All supported environments.

Resolution

In TIBCO Data Virtualization, a valid SSL certificate needs to be configured for a secured MongoDB connection. Generally, a PEM key file (certificate) is used. 
But the error "SSLCert must have a private key" is because the PEM file is missing the PRIVATE KEY.

To verify this, just open the PEM file in a text editor (like Notepad). Here, if there is a private key present in the PEM file, the block starts with the below lines: 
-----
-----BEGIN PRIVATE KEY----  or  -----BEGIN RSA PRIVATE KEY-----  or  -----BEGIN ENCRYPTED PRIVATE KEY-----
-----
If it is not present, then a valid PEM file having the PRIVATE KEY should be used.
In case if there is a chain of certificates, only the final certificate will have the PRIVATE KEY.
Powered by Wolken Software