Database Connection Fails Due to Invalid or Expired Certificate
When starting PrivX or during an upgrade, you may see the following error:
[ERROR] DB connection failure: x509: certificate has expired or is not yet valid. Retrying in 15 seconds…
This indicates that the TLS certificate used by your database server has either expired or is no longer valid. This prevents PrivX from establishing a secure connection to the database.
Potential Solution
- For production environments: Contact your database admin to renew or replace the expired or invalid certificate on the database server.
- For proof-of-concept (POC) environments using a local database:
- Recreate a new local database certificate by running:
sudo /opt/privx/scripts/init_db.sh recreate-local-db-cert
- Restart the database service.
- Recreate a new local database certificate by running: