Skip site navigation (1) Skip section navigation (2)

Re: PostgreSQL + SSL - sun.security.validator.ValidatorException

From: Kris Jurka <books(at)ejurka(dot)com>
To: Andrew M <andrew(at)jibeya(dot)com>
Cc: pgsql-jdbc(at)postgresql(dot)org
Subject: Re: PostgreSQL + SSL - sun.security.validator.ValidatorException
Date: 2004-12-11 20:13:34
Message-ID: Pine.BSO.4.56.0412111509490.404@leary.csoft.net (view raw or flat)
Thread:
Lists: pgsql-jdbc

On Sat, 11 Dec 2004, Andrew M wrote:

> so the best I can do at the moment, in terms of ssl on postgresql via 
> JDBC, is to use an unauthenticated connection!? Is man in the middle a 
> real concern, as the data in the tables will be encrypted?

No, it's not unauthenticed.  We authenticate the server certificate, but
not a client certificate.  This is exactly like browsing to a https
website.  You validate the server's certificate, checking that they are
who they say they are, but you don't send the web server a client
certificate.  This means the web server, or in our case the postgresql
server, cannot verify that you are who you say are from the ssl connection
alone, but there are other means of doing this, like a password.

Kris Jurka

In response to

pgsql-jdbc by date

Next:From: Oliver JowettDate: 2004-12-11 22:54:59
Subject: Re: PostgreSQL + SSL - sun.security.validator.ValidatorException
Previous:From: Tom LaneDate: 2004-12-11 18:27:21
Subject: Re: [JDBC] Issue with large objects

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group