From: | PG Bug reporting form <noreply(at)postgresql(dot)org> |
---|---|
To: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
Cc: | eluther(at)smartleaf(dot)com |
Subject: | BUG #15369: Postgres fails to start with default "ssl = true" configuration |
Date: | 2018-09-07 21:33:46 |
Message-ID: | 153635602607.23141.11387954289570596564@wrigleys.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 15369
Logged by: Eric Luther
Email address: eluther(at)smartleaf(dot)com
PostgreSQL version: 9.6.10
Operating system: Debian 9.5
Description:
eluther(at)testvm03:~$ sudo service postgresql start
Starting PostgreSQL 9.6 database server: mainThe PostgreSQL server failed to
start. Please check the log output: 2018-09-07 16:49:56.926 EDT [3990]
FATAL: could not access private key file
"/etc/ssl/private/ssl-cert-snakeoil.key": Permission denied 2018-09-07
16:49:56.926 EDT [3990] LOG: database system is shut down ... failed!
failed!
eluther(at)testvm03:~$ cat /etc/postgresql/9.6/main/postgresql.conf |grep ssl
ssl = true # (change requires restart)
#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' # (change
requires restart)
ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' # (change
requires restart)
#ssl_ca_file = '' # (change requires restart)
#ssl_crl_file = '' # (change requires restart)
eluther(at)testvm03:~$ sudo ls -l /etc/ssl/private/
[sudo] password for eluther:
total 8
-rw------- 1 root root 1704 Sep 7 13:08 int-wildcard.key
-rw-r----- 1 root ssl-cert 1704 Aug 27 16:48 ssl-cert-snakeoil.key
eluther(at)testvm03:~$ grep postgres /etc/group
ssl-cert:x:111:postgres
postgres:x:116:
eluther(at)testvm03:~$ psql --version
psql (PostgreSQL) 9.6.10
eluther(at)testvm03:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 9.5 (stretch)
Release: 9.5
Codename: stretch
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2018-09-07 21:49:38 | Re: BUG #15369: Postgres fails to start with default "ssl = true" configuration |
Previous Message | Michael Paquier | 2018-09-07 20:44:03 | Re: BUG #15367: Crash in pg_fe_scram_free when using foreign tables |