From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | Alex Hunsaker <badalex(at)gmail(dot)com> |
Cc: | PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: SSL cleanups/hostname verification |
Date: | 2008-11-12 06:15:06 |
Message-ID: | 09254FF2-F519-440F-8D52-96BA79668027@hagander.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 12 nov 2008, at 05.28, "Alex Hunsaker" <badalex(at)gmail(dot)com> wrote:
> On Tue, Nov 11, 2008 at 06:16, Magnus Hagander <magnus(at)hagander(dot)net>
> wrote:
>> Alex Hunsaker wrote:
>>> On Mon, Oct 20, 2008 at 05:50, Magnus Hagander
>>> <magnus(at)hagander(dot)net> wrote:
>>
>>> $ SSLVERIFY=cn ./psql junk -h 192.168.0.2
>>> psql: server common name 'bahdushka' does not match hostname
>>> '192.168.0.2'FATAL: no pg_hba.conf entry for host "192.168.0.2",
>>> user
>>> "alex", database "junk", SSL off
>>
>> It needs to be PGSSLVERIFY if it's an environment variable.
>> sslverify is
>> the connection parameter.
>
> Doh! Will go retry just as soon as I find a boot big enough to kick
> myself with.
:)
>
>> RI think that's confusing your tests all the way through :(
>>
>> Also, I'd recommend running the server with a log on a different
>> console
>> or to a file so you don't get client and server error messages
>> mixed up.
>
> Well it was on a different console, I just put them into the same view
> to show that I was actually restarting postgres when I changed the ssl
> keys :)
Heh, ok.
>>> $ SSLVERIFY=none ./psql junk -h bahdushka
>>> psql: root certificate file (/home/alex/.postgresql/root.crt)
>>
>> Is that really the whole error message, or was it cut off? Because
>> if it
>> is, then that is certainly a bug!
>
> Err it said psql: root certificate file
> (/home/alex/.postgresql/root.crt) not found
Ok, good, then it's not broken.
/Magnus
>>
From | Date | Subject | |
---|---|---|---|
Next Message | Charlie Savage | 2008-11-12 06:20:56 | Re: 8.3 .4 + Vista + MingW + initdb = ACCESS_DENIED |
Previous Message | Robert Haas | 2008-11-12 04:36:34 | Re: Meaning of transaction pg_locks? |