From: | Maz Mohammadi <mmohammadi(at)pentaho(dot)com> |
---|---|
To: | "pgsql-jdbc(at)postgresql(dot)org" <pgsql-jdbc(at)postgresql(dot)org>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: can't access through SSL |
Date: | 2013-02-24 04:05:12 |
Message-ID: | 9F992F0A0D9BA04F914597F75435942D09576C50C8@MBX36.exg5.exghost.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-jdbc |
I still can't access my SSL enabled server!!!
Is root.crt supposed to be an exact copy of server.crt file which I use in my client's keystore?
I have another observation. As I start the coordinator node, I don't see any file access to the server.key or server.crt file? Aren't these files supposed to be read at start up time or at least when I try to make a connection from my java application?
Everything I try create a datasource on tomcat I get the follow error on client and server's console...
FATAL: connection requires a valid client certificate.
Am I missing something?
-maz
From: pgsql-jdbc-owner(at)postgresql(dot)org [mailto:pgsql-jdbc-owner(at)postgresql(dot)org] On Behalf Of Maz Mohammadi
Sent: Friday, February 22, 2013 4:33 PM
To: pgsql-jdbc(at)postgresql(dot)org
Subject: Re: [JDBC] can't access through SSL
Correction...
After double checking the path to java's keystore file, and correcting it...this is the new error.
FATAL: connection requires a valid client certificate.
Any idea would be greatly appreciated.
-maz
From: Maz Mohammadi
Sent: Friday, February 22, 2013 3:51 PM
To: 'pgsql-jdbc(at)postgresql(dot)org'
Subject: RE: [JDBC] can't access through SSL
Hello,
I regenerated some new keys for my postgres server. I've placed them under /var/lib..../coord and shared them with the datanodes as well.
After adding the certificates to the keystore for my tomcat java application, I get the following error on my server.
LOG: could not accept SSL connection: sslv3 alert certificate unkown.
I thought I had to use JDBC 3 for this.
Any ideas?
-maz
From: Maz Mohammadi
Sent: Friday, February 22, 2013 3:45 PM
To: pgsql-jdbc(at)postgresql(dot)org<mailto:pgsql-jdbc(at)postgresql(dot)org>
Subject: RE: [JDBC] can't access through SSL
Thx, one step closer.
pgsql-jdbc(at)postgresql(dot)org<mailto:pgsql-jdbc(at)postgresql(dot)org>
From: Vitalii Tymchyshyn [mailto:tivv00(at)gmail(dot)com]
Sent: Friday, February 22, 2013 12:56 PM
To: Maz Mohammadi
Cc: pgsql-jdbc(at)postgresql(dot)org<mailto:pgsql-jdbc(at)postgresql(dot)org>
Subject: Re: [JDBC] can't access through SSL
Try jdbc:postgresql://localhost:5432/testdb?ssl=true
2013/2/22 Maz Mohammadi <mmohammadi(at)pentaho(dot)com<mailto:mmohammadi(at)pentaho(dot)com>>
Hello all,
I'm trying to access a postgres database through a java application (tomcat). This is the only entry I have in pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
hostssl all all 127.0.0.1/32<http://127.0.0.1/32> cert
and put the certicate (from /var/lib/postre...../coord/server.crt) in the cacerts under $JAVA_HOME/.......
This is my jdbc URL....
jdbc:postgresql://localhost:5432/testdb&ssl=true
But When I try to create a datasource on tomcat, I get the following error...
"Connection attempt failed: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "progres-xc", database "testdb&ssl=true", SSL off"
Any help is greatly appreciated.
-maz
--
Best regards,
Vitalii Tymchyshyn
From | Date | Subject | |
---|---|---|---|
Next Message | Jasen Betts | 2013-02-24 05:45:27 | Re: Dumb question involving to_tsvector and a view |
Previous Message | Adrian Klaver | 2013-02-23 23:12:19 | Re: stored procedure code |
From | Date | Subject | |
---|---|---|---|
Next Message | Ray Stell | 2013-02-24 19:37:05 | Re: [JDBC] can't access through SSL |
Previous Message | Dave Cramer | 2013-02-23 11:18:26 | Re: JDBC + ENUM + NULL Insert == |