From: | Tino Schwarze <postgresql(at)tisc(dot)de> |
---|---|
To: | pgsql-admin(at)postgresql(dot)org |
Subject: | Re: SSL question |
Date: | 2008-02-03 10:38:33 |
Message-ID: | 20080203103833.GA25561@easy2.in-chemnitz.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
On Fri, Feb 01, 2008 at 09:08:23AM -0600, Bronson, Allan B. (Mission Systems) wrote:
> I am trying to create a SSl connection to PostGres using JDBC and am not
> sure if it is working.
>
> I read that you must have openssl on the client machine for the
> connection to take place.
You don't need openssl if you use JDBC since SSL-support is part of
Java and the JDBC-driver will handle the SSL stuff.
I've never used SSL connections though, so this is a bit of guessing on
my side.
> I have turned ssl = on in the config file,
> created a cert and key file and placed them in the correct directory,
> created a truststore and add the ?ssl=true to the url for the client.
> When I do all this I connect and get data back from the db. My
> confusion is when I read that I need openssl on the client machine to
> connect, since I can connect without openssl installed. I do notice
> that if my truststore does not have the cert placed in it, I get an
> error saying missing certificate ( something like that ), does that mean
> ssl is working for the client and server?
I'd simply take a packet sniffer like wireshark and look at the network
traffic with and without SSL. That way you'll see what is going on and
whether it's encrypted.
HTH,
Tino.
--
www.craniosacralzentrum.de
www.spiritualdesign-chemnitz.de
Tino Schwarze * Lortzingstraße 21 * 09119 Chemnitz
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Koczan | 2008-02-03 21:20:05 | Re: SSL question |
Previous Message | Tom Lane | 2008-02-02 20:36:15 | Re: Legacy foreign keys |