From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Richard Troy <rtroy(at)ScienceTools(dot)com> |
Cc: | pgsql-novice(at)postgresql(dot)org |
Subject: | Re: SSL Connection help, pls... |
Date: | 2010-01-28 16:10:50 |
Message-ID: | 15841.1264695050@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-novice |
Richard Troy <rtroy(at)ScienceTools(dot)com> writes:
>> * Look in the postmaster log to see what gets logged during a failed
>> connection attempt.
> Of course! -duh!-
> Depending on which test, I get either:
> LOG: could not accept SSL connection: sslv3 alert certificate unknown
> LOG: could not accept SSL connection: peer did not return a certificate
> ...which seems to (strongly) suggest that it's requiring not only an
> encrypted connection but that the user present a certificate.
I think that at least around 8.2, the postmaster interprets the presence
of root.crt as indicating that it should demand client certs. Better
check the docs though (and this is something I think Magnus changed in
8.4, but not totally sure, so be sure to check the right version of
the docs).
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Richard Troy | 2010-01-28 16:20:52 | Re: SSL Connection help, pls... |
Previous Message | Mladen Gogala | 2010-01-28 16:09:25 | PG_STAT_DATABASE |