Re: ssl database connection problems...

From: Ray Stell <stellr(at)cns(dot)vt(dot)edu>
To: Carol Walter <walterc(at)indiana(dot)edu>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: ssl database connection problems...
Date: 2008-12-30 02:36:30
Message-ID: 20081230023630.GA19239@cns.vt.edu
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote:
> "with openssl" when I initially configured the server. Are there other
> things that need to be done to get openssl started on the database server?
> How can I diagnose this problem?
>

The files server.key, server.crt, root.crt, and root.crl are only examined
during server start; so you must restart the server for changes in them
to take effect.

http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html

It's been awhile since I played with this, but there's something about an
environment var, PGSSLMODE.

You can use openssl to verify the server/root ca correctness like
this:

openssl verify -CAfile ./root.crt testcert.pem

assuming openssl in the mix.

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Tom Lane 2008-12-30 03:13:12 Re: ssl database connection problems...
Previous Message Scott Marlowe 2008-12-29 21:50:38 Re: ssl database connection problems...