
security: Parse certificates with preamble BEGIN TRUSTED CERTIFICATE #67566

Open
@ricardocrdb

Description

Is your feature request related to a problem? Please describe.
Attempting to help a user who is using a trusted CA certificate, and the logs report that the trusted certificate cannot be parsed. When looking at the cat output of the certificate in question, the preamble begins with BEGIN TRUSTED CERTIFICATE.

The error is reported in logs as shown:

I210712 4:56:25.992978 1 cli/start.go:516 ⋮ starting cockroach node
W210712 4:56:25.993770 43 security/certificate_loader.go:353 ⋮ could not parse certificate for ‹/cockroach/test_certs/ca.crt›: ‹failed to parse certificate file ca.crt as PEM: block #0 is of type TRUSTED CERTIFICATE, not CERTIFICATE›
E210712 4:56:25.994408 1 cli/error.go:398 ⋮ ‹ERROR: cannot load certificates.›
‹Check your certificate settings, set --certs-dir, or use --insecure for insecure clusters.›
‹failed to start server: problem with CA certificate: failed to parse certificate file ca.crt as PEM: block #0 is of type TRUSTED CERTIFICATE, not CERTIFICATE›

Describe the solution you'd like
Parse trusted certificates so that they can be used just like regular certificates.

Describe alternatives you've considered
Changing the certificate file in the test to use the certificate with preamble BEGIN CERTIFICATE instead of certificate with preamble BEGIN TRUSTED CERTIFICATE ended up working for the purposes of this test.

Jira issue: CRDB-8610
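As an added example (not code from this issue or from CockroachDB), a Go loader that accepts both block types. It assumes OpenSSL's TRUSTED CERTIFICATE layout, in which the certificate DER is followed by an optional CertAux trailer (trust/reject OIDs, alias, key id); Go's x509.ParseCertificate rejects that trailer as trailing data, so relabelling the block type alone would not be enough. The function names and the generated sample certificate are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/asn1"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// ParseCertificatePEM accepts "CERTIFICATE" and OpenSSL's "TRUSTED CERTIFICATE"
// blocks. For the latter the leading Certificate SEQUENCE is split off before
// parsing so the optional CertAux trailer is not mistaken for trailing garbage.
func ParseCertificatePEM(data []byte) ([]*x509.Certificate, error) {
	var certs []*x509.Certificate
	for block, rest := pem.Decode(data); block != nil; block, rest = pem.Decode(rest) {
		i := len(certs) // index of the block being parsed, used in error messages
		der := block.Bytes
		if block.Type == "TRUSTED CERTIFICATE" {
			var first asn1.RawValue // the Certificate SEQUENCE; CertAux (if any) follows it
			if _, err := asn1.Unmarshal(der, &first); err != nil {
				return nil, fmt.Errorf("block #%d: %w", i, err)
			}
			der = first.FullBytes
		} else if block.Type != "CERTIFICATE" {
			return nil, fmt.Errorf("block #%d is of type %s, not CERTIFICATE", i, block.Type)
		}
		cert, err := x509.ParseCertificate(der) // plain blocks keep Go's strict trailing-data check
		if err != nil {
			return nil, fmt.Errorf("block #%d: %w", i, err)
		}
		certs = append(certs, cert)
	}
	return certs, nil
}

// ConstructedTrustedPEM builds sample input: a throwaway self-signed certificate wrapped
// as OpenSSL would, with a minimal CertAux trailer naming id-kp-serverAuth as trusted.
func ConstructedTrustedPEM() ([]byte, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(4242), NotBefore: time.Now(),
		NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	aux, _ := asn1.Marshal(struct{ Trust []asn1.ObjectIdentifier }{[]asn1.ObjectIdentifier{{1, 3, 6, 1, 5, 5, 7, 3, 1}}})
	return pem.EncodeToMemory(&pem.Block{Type: "TRUSTED CERTIFICATE", Bytes: append(der, aux...)}), nil
}
```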

Metadata

Assignees: No one assigned

Labels:
    A-authentication: Pertains to authn subsystems
    A-security
    C-enhancement: Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
    O-support: Would prevent or help troubleshoot a customer escalation - bugs, missing observability/tooling, docs
    P-3: Issues/test failures with no fix SLA
    T-server-and-security: DB Server & Security