Re: PostgreSQL + SSL

Actually, the new 7.3.1 error message is:

if (!S_ISREG(buf.st_mode) || (buf.st_mode & 0077) ||
buf.st_uid != getuid())
{
postmaster_error("bad permissions on private key file (%s)\n"
"File must be owned by the proper user and must have no permissions for\n"
"\"group\" or \"other\".", fnbuf);
ExitPostmaster(1);
}

so that should be clearer for people when it fails. 7.3 had similar
restrictions, but reported the failure more concisely.

---------------------------------------------------------------------------

Bhuvan A wrote:
>
> > I?m trying to config PG with SSL, but i got a error. I create the key
> > and the certificate and put both in $PGDATA directory. I also enabled
> > the ssl option in postgresql.conf. But when i run postmaster i got a
> > error saying that server.key has wrong permissions.
>
> It reports the error in either of the below cases:
>
> 1. If the file permission is not -r--r--r--.
> 2. If the certificate and the private key are invalid.
>
> The clear advice is available in the documentation itself. Try out
> http://developer.postgresql.org/docs/postgres/ssl-tcp.html for details.
>
> regards,
> bhuvaneswaran
>
>
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to majordomo(at)postgresql(dot)org)
>

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073