From: | Berend Tober <btober(at)computer(dot)org> |
---|---|
To: | dhanuj hippie <dhanuj(dot)hippie(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org |
Subject: | Re: Server SSL key with passphrase |
Date: | 2017-02-09 13:01:02 |
Message-ID: | 163855b3-01fa-b891-110f-17967311b5c5@computer.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
dhanuj hippie wrote:
>
> I have a postgres-9.6 server running with SSL enabled, and I have setup the certificates as per
> documentation. But currently the key file is not protected by passphrase. Does postgres provide a
> way to use passphrase protected keys ?
If by "per documentation" you refer to "18.9.3. Creating a Self-signed Certificate", that process
creates password protected key initially, and then there is a specific step in that process for
removing the password. If you omit that password removal step, then you would have a password
protected key. Note, though, as the documentation further points out, someone will have to be
standing by at the key board whenever the server is started so as to be able to respond to the
password prompt. You may indeed want that, but it is not recommended practice.
-- B
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2017-02-09 14:15:13 | Re: Running out of memory the hard way ... |
Previous Message | dhanuj hippie | 2017-02-09 11:51:45 | Server SSL key with passphrase |