My (only) database server went down and I am in the process of recovering everything. I created a new server and now I just want to restore the database backup.
I have a nightly script that runs this command to create an encrypted backup:
pg_dump $DATABASE | openssl smime -encrypt -binary -text -aes256 -out $HOME/$DUMP_FILE_NAME -outform DER ~/sql_dump.pub.pem
And now I have the file resulting from it so I run the command:
openssl smime -decrypt -in database.enc -recip sql_dump.priv.pem
Where my sql_dump.priv.pem file looks like this:
-----BEGIN PRIVATE KEY-----
(private key data)
-----END PRIVATE KEY-----
However for some reason I am getting this error instead of a decrypted file:
unable to load certificate
139830333706752:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
I'm not sure what is happening or why but I know I managed to decrypt the encryption a few times when I developed the backup solution. So I know there is a way to decrypt it.
Does anybody have any idea what is going wrong?
P.S. I know... I should have multiple database servers to prevent this. As well as an automated backup script or at the least document how to recover from something like this. I did not do that and I should have :( lesson learned for next time
I am using Linux on both the server and my development laptop in case that matters
EDIT:
Okay I am a step closer now.
I am decrypting with:
openssl smime -decrypt -in database.enc -recip sql_dump.pub.pem -inkey sql_dump.priv.pem
But I am now getting another error:
Error reading S/MIME message
140276418503168:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type:crypto/asn1/asn_mime.c:391:
