search

sap-linuxlab / community.sap_libs

Automation for SAP - Collection of Ansible Modules for SAP for low-level activities which are highly reusable
Apache License 2.0
16 stars 7 forks source link

sap_hdbsql module: SECURE Connection #41

Open stm85 opened 5 months ago

stm85 commented 5 months ago

Summary

Hi,

The configured trusted Part

    if encrypted is True:
        command.extend([' -attemptencrypt'])

could not work from my perspektive in most of the cases.

ERROR in our Landscape:

/usr/sap/HDB/HDB00/exe/hdbsql -e -attemptencrypt -n localhost -i 00 -d HDB-u SYSTEM -p 'password' "\s"

==============================================================================
== SECURITY WARNING: The encrypted communication attempt failed. Retrying   ==
==                   the connection attempt without encryption options.     ==
==============================================================================

I've changed the module part to the following one

    if encrypted is True:
        command.extend(['-e' , '-ssltrustcert', '-sslcreatecert'])

this solution is working fine in our landscape

Issue Type

Feature Idea

Component Name

hdbsql

Additional Information

Code of Conduct

rainerleber commented 5 months ago

Hi @stm85 sounds like a good improvement. I will try to implement it as soon as possible.