Skip site navigation (1) Skip section navigation (2)

Re: ssl with pem password

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Luca Stancapiano" <l(dot)stancapiano(at)k-tech(dot)it>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: ssl with pem password
Date: 2005-07-25 17:15:50
Message-ID: 5806.1122311750@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-admin
"Luca Stancapiano" <l(dot)stancapiano(at)k-tech(dot)it> writes:
> hi.....I'm trying to use postgresql in mode ssl and I would to use a
> private key that uses a pem password.  When I launch postgres with
> postgres user and my server.key and server.crt in my home ,in this mode:

> echo password | /usr/bin/postmaster -il -p '5432' -D '/home/data'

> I see this message:

> Enter PEM pass phrase

> but I would a thing more automatic without that password request. Is it
> possible?

If you want the server to launch without a password, you have to alter
the server key file to remove its password.  See the documentation.

The above is hardly a more-secure approach, since anyone who can look at
the script (or happen to see the "echo" executing in ps) can find out
the password.  You might as well rely on file permissions to prevent
people from getting at the password-less key file.

			regards, tom lane

In response to

Responses

pgsql-admin by date

Next:From: Guido BarosioDate: 2005-07-25 18:39:42
Subject: Re: How to Download Postgresql for Windows
Previous:From: Tsirkin EvgenyDate: 2005-07-25 13:07:36
Subject: postgresql array with perl

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group