| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Luca Stancapiano" <l(dot)stancapiano(at)k-tech(dot)it> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: ssl with pem password |
| Date: | 2005-07-25 17:15:50 |
| Message-ID: | 5806.1122311750@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
"Luca Stancapiano" <l(dot)stancapiano(at)k-tech(dot)it> writes:
> hi.....I'm trying to use postgresql in mode ssl and I would to use a
> private key that uses a pem password. When I launch postgres with
> postgres user and my server.key and server.crt in my home ,in this mode:
> echo password | /usr/bin/postmaster -il -p '5432' -D '/home/data'
> I see this message:
> Enter PEM pass phrase
> but I would a thing more automatic without that password request. Is it
> possible?
If you want the server to launch without a password, you have to alter
the server key file to remove its password. See the documentation.
The above is hardly a more-secure approach, since anyone who can look at
the script (or happen to see the "echo" executing in ps) can find out
the password. You might as well rely on file permissions to prevent
people from getting at the password-less key file.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Guido Barosio | 2005-07-25 18:39:42 | Re: How to Download Postgresql for Windows |
| Previous Message | Tsirkin Evgeny | 2005-07-25 13:07:36 | postgresql array with perl |