Mender server 3.2: container deviceauth and useradm continuously restarting

General Discussions
1

Hello,

I’m trying to setup a fresh installation of mender-server locally (this is done on a virtual machine hosted on Synology NAS, running ubuntu 22.04).

Currently I reach point where I should now create the first user, but it fails with the following mezssage:

Error response from daemon: Container fb358b941c74205413d938ed65e2f037e1f08dd27f9fc828aa2e239152731032 is restarting, wait until the container is running

I have checked docker containers and deviceauth + useradm are continusouly restarting. Checking the logs give me the following error:

time=“2022-06-04T06:56:20Z” level=info msg=“User Administration Service starting up” file=main.go func=main.runServer line=155
time=“2022-06-04T06:56:20Z” level=info msg=“running migrations in single tenant mode” file=migrations.go func=“mongo.(*DataStoreMongo).Migrate” line=82
time=“2022-06-04T06:56:20Z” level=info msg=“automigrate is ON, will apply migrations” file=migrations.go func=“mongo.(*DataStoreMongo).Migrate” line=86
time=“2022-06-04T06:56:20Z” level=info msg=“migrating useradm” file=migrations.go func=“mongo.(*DataStoreMongo).Migrate” line=92
time=“2022-06-04T06:56:20Z” level=info msg=“migration to version 1.0.0 skipped” db=useradm file=migrator_simple.go func=“migrate.(*SimpleMigrator).Apply” line=125
time=“2022-06-04T06:56:20Z” level=info msg=“migration to version 1.1.4 skipped” db=useradm file=migrator_simple.go func=“migrate.(*SimpleMigrator).Apply” line=125
time=“2022-06-04T06:56:20Z” level=info msg=“DB migrated to version 1.1.4” db=useradm file=migrator_simple.go func=“migrate.(*SimpleMigrator).Apply” line=140
failed to read rsa private key: unknown server private key type; got: PRIVATE KEY, want: RSA PRIVATE KEY

What I have done wrong ? I have just followed the procedure at https://docs.mender.io/3.2/server-installation/installation-with-docker-compose but I suspect something need to be changed on keygen part.

Thanks for the feedbacks !

Joel

EDIT: it seems this can be due to newer version of openssl: ssl - How to convert a private key to an RSA private key? - Stack Overflow can you confirm on mender side ? :slight_smile:

2

Hi, I am facing the same problem with the latest version of mender server

It seems that the command
openssl rsa -in $FILE_NAME_PRIVATE_KEY -out $FILE_NAME_PRIVATE_KEY

is no longer converting the keys to RSA format. This issue is mentioned in the key generation script but it seems that the command is no longer working:

# convert to RSA private key format, otherwise services complain:"
# level=fatal msg="failed to read rsa private key: jwt: can't open key - not an rsa private key" file=proc.go func=runtime.main line=183
openssl rsa -in $FILE_NAME_PRIVATE_KEY -out $FILE_NAME_PRIVATE_KEY
3

Hi again, @joelguittet ,
The problem is solved by adding “-traditional” option to the command so it looks like:

openssl rsa -in $FILE_NAME_PRIVATE_KEY -out $FILE_NAME_PRIVATE_KEY -traditional

4

Hello @pedromiguel.sanchez
Thanks for the advice, will test on my side and report here !
Joel

5

Hello,
The above solution fix the issue for me too.
For information openssl version on ubuntu 22.04 is 3.0.2 actually.
Joel

6

Also if you cant use the -traditional flag as your system is older than 22.04, you can edit the

mender-server/production/keys-generated/cert/private.key

and add RSA so that the headers reads BEGIN RSA PRIVATE KEY and ends with END RSA PRIVATE KEY