On Mon, 30 May 2011 23:56:54 -0400, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "Jean-Yves F. Barbier" <12ukwn(at)gmail(dot)com> writes:
> > On Mon, 30 May 2011 23:06:18 -0400, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >> It appears from the message that X509_STORE_load_locations is returning
> >> zero but not bothering to set up an OpenSSL error message. It's not
> >> entirely surprising that they might consider an empty file as an error,
> > No, it is pure missing:
> > I copied the client certificate id (generated in root.srl) into root.crl
> > and still nothing,
> > I also tested a copy of this file (instead a symlink) into
> > /var/lib/postgresql/9.0/main/,
> > and in /var/lib/postgresql/ (Debian postgres user home)
> > and also into /var/lib/postgresql/.postgresql/ !
> The file is supposed to be in $PGDATA. Random other locations will
> definitely *not* work.
$PGDATA is /var/lib/postgresql/9.0/main/ in Debian.
It is now working: I was naively thinking that root.crl should be feed
only with the certificate footprint (from root.srl, which is generated each
time I use the HOWTO client certificate generation script) but it was the
entire certificate that should be in (info grabbed on an ibm Pg paper but not
found into Pg's doc - I'm not very tough into openssl:(
I may kid around about drugs, but really, I take them seriously.
-- Doctor Graper
In response to
pgsql-novice by date
|Next:||From: Jean-Yves F. Barbier||Date: 2011-05-31 13:18:42|
|Subject: indexes multicolumn|
|Previous:||From: Ognjen Blagojevic||Date: 2011-05-31 08:05:41|
|Subject: Re: CentOS 5.6|