| From: | Rob Sargent <robjsargent(at)gmail(dot)com> |
|---|---|
| To: | pgsql-jdbc(at)lists(dot)postgresql(dot)org |
| Subject: | Re: PEM to PKCS12 |
| Date: | 2021-02-25 00:09:09 |
| Message-ID: | dd94504c-cf43-3f0d-08c9-b8e11f10c05d@gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
I continue to forget the PKCS is a store, not a cert. Using the cert
therein and the world is happy.
The proposal is withdrawn.
On 2/24/21 4:20 PM, Rob Sargent wrote:
> Given PEM from AWS/RDS, which appear to me to include only the
> certificate, here's what I did to get to PKCS12 format
>
> keytool -import -alias rds-root -keystore root.jks -file rds.pem
> keytool -importkeystore -srckeystore root.jks -destkeystore root.p12
> -deststoretype pkcs12
>
> Is this expected in general (not RDS specific)? If so I would like to
> add these instrux to connect.md.
>
> Or is this even correct? Handing the created .p12 file to the connection
> url
> (sslkey=/full/path/root.p12&sslpassword=x&sslmode=verify-full)
> does not seem to be taking effect. I get could not find
> "/home/ec2-user/.postgresql/root.crt"
> which is NOT the full/real path
>
>
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hugo Abreu | 2021-02-25 18:18:03 | [pgjdbc/pgjdbc] 6cfa65: isValid() timeout should not be blocked (#1943) (#... |
| Previous Message | Rob Sargent | 2021-02-24 23:20:18 | PEM to PKCS12 |