| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Richard Troy <rtroy(at)ScienceTools(dot)com> |
| Cc: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: SSL Connection help, pls... |
| Date: | 2010-01-28 16:10:50 |
| Message-ID: | 15841.1264695050@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Richard Troy <rtroy(at)ScienceTools(dot)com> writes:
>> * Look in the postmaster log to see what gets logged during a failed
>> connection attempt.
> Of course! -duh!-
> Depending on which test, I get either:
> LOG: could not accept SSL connection: sslv3 alert certificate unknown
> LOG: could not accept SSL connection: peer did not return a certificate
> ...which seems to (strongly) suggest that it's requiring not only an
> encrypted connection but that the user present a certificate.
I think that at least around 8.2, the postmaster interprets the presence
of root.crt as indicating that it should demand client certs. Better
check the docs though (and this is something I think Magnus changed in
8.4, but not totally sure, so be sure to check the right version of
the docs).
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Troy | 2010-01-28 16:20:52 | Re: SSL Connection help, pls... |
| Previous Message | Mladen Gogala | 2010-01-28 16:09:25 | PG_STAT_DATABASE |