Re: Setting up SSL for postgre

Hallo Mark,

as i quickly read the error message in your question,

these we're my first suggestions.

either

* did you intent cert aut for the postgres user?

* u use a selfsigned certificate, hence software that checks for the validity will fail or ask for this

** using for example the free, but official letsencrypt certificates this should be solved

hth,

Wim

________________________________
Van: Mark Williams <markwillimas(at)gmail(dot)com>
Verzonden: maandag 20 augustus 2018 16:51
Aan: Wim Bertels; pgsql-admin(at)lists(dot)postgresql(dot)org; s(dot)dunand(at)sirap(dot)fr
Onderwerp: RE: Setting up SSL for postgre

Hi,

Sorry I don't understand what you are suggesting re the pg_hba file.

__

From: Wim Bertels <wim(dot)bertels(at)ucll(dot)be>
Sent: 20 August 2018 14:30
To: pgsql-admin(at)lists(dot)postgresql(dot)org; s(dot)dunand(at)sirap(dot)fr
Subject: Re: Setting up SSL for postgre

pg_hba.conf
# TYPE DATABASE USER CIDR-ADDRESS METHOD

# IPv4 local & remote connections:
host all all 127.0.0.1/32 trust
hostssl all postgres 0.0.0.0/0 cert

cert method for auth, hence this behaviour (client cert..)

extra tip:
https://duckduckgo.com/?q=letsencrypt+postgresql
for official server side certificates

mvg,
Bertels Wim

Mark
__

This page helped me :
https://www.depesz.com/2015/05/11/how-to-setup-ssl-connections-and-authentication/

Best regards,
Stéphane