Re: Postgres won't start after setting ssl=on

Sweet! That fixed it.. Rock on..

Of course now let's see if I can connect from my Mac client :)

On Sat, Oct 9, 2010 at 9:00 PM, Ben Carbery <ben(dot)carbery(at)gmail(dot)com> wrote:
> The private keys needs to be readable by the same user the server runs
> under. This is distribution-dependent and may not be 'root'.
> In my case I run Red Hat which uses the 'postgres' user, so:
>
> chown postgres.postgres /var/lib/pgsql/data/server.*
>
>
> On Sun, Oct 10, 2010 at 2:52 PM, Mike Christensen <mike(at)kitchenpc(dot)com>
> wrote:
>>
>> Hi, I'm trying to require SSL for Postgres connections from certain
>> IPs..  This is on Postgres 9.0.
>>
>> First, I've followed the directions at:
>>
>> http://www.postgresql.org/docs/9.0/static/ssl-tcp.html
>>
>> I've created the files server.crt and server.key.  I've also removed
>> the passphrase from the key so Postgres can start automatically.
>> Finally, I ran:
>>
>> chmod 0600 server.key
>>
>> The permissions on server.key are now:
>>
>> -rw------- 1 root root 887 Oct 10 03:42 server.key
>>
>> However, when I set ssl = on in postgresql.conf and start the server,
>> I get the logged error:
>>
>> 2010-10-10 03:47:07 UTC FATAL:  could not load private key file
>> "server.key": Permission denied
>>
>> I'm logged on as root.  Any ideas?  Thanks!
>>
>> Mike
>>
>> --
>> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-general
>
>
>
> --
>  -------------------------------------------------------------------------------------------------------------------------------------------------------
> "Because it that the times revive as time is fresh somehow, and it to feel
> wins why, and, as for it, all forget an old thing" - Japanese saying
>