| From: | Ray Stell <stellr(at)cns(dot)vt(dot)edu> |
|---|---|
| To: | Carol Walter <walterc(at)indiana(dot)edu> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: ssl database connection problems... |
| Date: | 2008-12-30 02:36:30 |
| Message-ID: | 20081230023630.GA19239@cns.vt.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote:
> "with openssl" when I initially configured the server. Are there other
> things that need to be done to get openssl started on the database server?
> How can I diagnose this problem?
>
The files server.key, server.crt, root.crt, and root.crl are only examined
during server start; so you must restart the server for changes in them
to take effect.
http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html
It's been awhile since I played with this, but there's something about an
environment var, PGSSLMODE.
You can use openssl to verify the server/root ca correctness like
this:
openssl verify -CAfile ./root.crt testcert.pem
assuming openssl in the mix.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-12-30 03:13:12 | Re: ssl database connection problems... |
| Previous Message | Scott Marlowe | 2008-12-29 21:50:38 | Re: ssl database connection problems... |