Skip site navigation (1) Skip section navigation (2)

Re: ssl database connection problems...

From: Ray Stell <stellr(at)cns(dot)vt(dot)edu>
To: Carol Walter <walterc(at)indiana(dot)edu>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: ssl database connection problems...
Date: 2008-12-30 02:36:30
Message-ID: 20081230023630.GA19239@cns.vt.edu (view raw or flat)
Thread:
Lists: pgsql-admin
On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote:
> "with openssl" when I initially configured the server.  Are there other 
> things that need to be done to get openssl started on the database server?  
> How can I diagnose this problem?
>

The files server.key, server.crt, root.crt, and root.crl are only examined
during server start; so you must restart the server for changes in them
to take effect.

http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html

It's been awhile since I played with this, but there's something about an 
environment var, PGSSLMODE.

You can use openssl to verify the server/root ca correctness like
this:

openssl  verify -CAfile ./root.crt testcert.pem

assuming openssl in the mix.

In response to

Responses

pgsql-admin by date

Next:From: Tom LaneDate: 2008-12-30 03:13:12
Subject: Re: ssl database connection problems...
Previous:From: Scott MarloweDate: 2008-12-29 21:50:38
Subject: Re: ssl database connection problems...

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group