Skip site navigation (1) Skip section navigation (2)

Re: SSL Connection help, pls...

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Richard Troy <rtroy(at)ScienceTools(dot)com>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: SSL Connection help, pls...
Date: 2010-01-28 16:10:50
Message-ID: 15841.1264695050@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-novice
Richard Troy <rtroy(at)ScienceTools(dot)com> writes:
>> * Look in the postmaster log to see what gets logged during a failed
>> connection attempt.

> Of course! -duh!-

> Depending on which test, I get either:

> LOG:  could not accept SSL connection: sslv3 alert certificate unknown
> LOG:  could not accept SSL connection: peer did not return a certificate

> ...which seems to (strongly) suggest that it's requiring not only an
> encrypted connection but that the user present a certificate.

I think that at least around 8.2, the postmaster interprets the presence
of root.crt as indicating that it should demand client certs.  Better
check the docs though (and this is something I think Magnus changed in
8.4, but not totally sure, so be sure to check the right version of
the docs).

			regards, tom lane

In response to

Responses

pgsql-novice by date

Next:From: Richard TroyDate: 2010-01-28 16:20:52
Subject: Re: SSL Connection help, pls...
Previous:From: Mladen GogalaDate: 2010-01-28 16:09:25
Subject: PG_STAT_DATABASE

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group