Skip site navigation (1) Skip section navigation (2)

Re: [TESTERS] Location of certs -Windows 7 SSL mode?

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Lou Picciano <LouPicciano(at)comcast(dot)net>
Cc: pgsql-testers <pgsql-testers(at)postgresql(dot)org>, pgsql-bugs <pgsql-bugs(at)postgresql(dot)org>
Subject: Re: [TESTERS] Location of certs -Windows 7 SSL mode?
Date: 2010-07-07 08:50:03
Message-ID: AANLkTil1O2IciRJEubQSyesDCpzMyXIkzqXQzPdlbtAw@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-bugspgsql-testers
On Wed, Jul 7, 2010 at 01:37, Lou Picciano <LouPicciano(at)comcast(dot)net> wrote:
> [TEST REPORT]
> [Release]: 9.0Beta2
> [Test Type]: Testing connection - pgAdmin - using certificate on Windows 7 -
> Specifically, what is correct default placement of certs?
> [Test]: Attempt to connect - SSL required or better - using standard
> AppData/Roaming location for certs, key.
> [Platform]: Windows 7 Ultimate 64-bit - attempting connection using
> pgAdminIII as a test of SSL connectivity.
> [Parameters]: First, attempted connection, with SSL required and NO certs,
> to determine default location based on error message!
> [Failure]: Yes
> [Results]: Installation of a pre-packaged PostgreSQL, using an installer (in
> this case a b1 packaged by EnterpriseDB), did create a postgresql folder in
> the expected location: C:\Users\<username>\AppData\Roaming\postgresql.
>  After placement of valid certs and key in this folder, cannot connect in
> any SSL mode.
> Interestingly, the error message reverses the pathname delimiter, halfway
> through the message, from Windows-standard to UNIX-standard (is this
> relevant?)...
> "Error connecting to the server: could not open certificate file
> "C:\Users\<username>\AppData\roaming/postgresql/potgresql.crt": No such file
> or directory.

The reversed slashes are pretty normal, and should work just fine.

What is your connection string? Are you specifying the cert file there as well?

Does the file actually exist in that directory? Does the permissions
on the file and all the directories leading up to it let you read the
file?

The code itself should actually "never" do this - it specifically
checks if the file doesn't exist, and should *not* show that error..
It should fail much later, when the server actually requests the
cert.. And the API documentation for stat() on windows says it'll
always return ENOENT on failure. Seems to me Windows is confused, but
I'm not entirely sure how.

Can you try specifying an explicit file say directly in c:\, just to
see if that works?

BTW, if you post bug reports to -bugs, it'll make a lot more people see them.

-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

In response to

Responses

pgsql-bugs by date

Next:From: Lou PiccianoDate: 2010-07-07 14:28:46
Subject: Re: [TESTERS] Location of certs -Windows 7 SSL mode?
Previous:From: Gurjeet SinghDate: 2010-07-07 05:06:23
Subject: Re: Negative result with (now()-previously_inserted_timestamp)

pgsql-testers by date

Next:From: Lou PiccianoDate: 2010-07-07 14:28:46
Subject: Re: [TESTERS] Location of certs -Windows 7 SSL mode?
Previous:From: Lou PiccianoDate: 2010-07-06 23:37:46
Subject: Location of certs -Windows 7 SSL mode?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group