| From: | Radosław Smogura <rsmogura(at)softperience(dot)eu> |
|---|---|
| To: | pgsql-jdbc(at)postgresql(dot)org |
| Cc: | zhong ming wu <mr(dot)z(dot)m(dot)wu(at)gmail(dot)com> |
| Subject: | Re: ssl connection strangely stops working |
| Date: | 2011-02-05 22:19:14 |
| Message-ID: | 201102052319.14282.rsmogura@softperience.eu |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
zhong ming wu <mr(dot)z(dot)m(dot)wu(at)gmail(dot)com> Saturday 05 February 2011 22:11:50
> On Sat, Feb 5, 2011 at 11:08 AM, Radosław Smogura
>
> It's nice to know that all the problems can be traced to JVM settings.
>
> FWIW, I ended using
> 'sslfactory=org.postgresql.ssl.NonViladatingFactory' on Windows 7
> which I didn't need on Mac.
>
> Have you looked into 'keytool' ? That lets you manipulate the
> certificates that JVM relies on. What I am not sure is where one must
> enter server certificates one by one into JVM or whether one can enter
> a CA.
Sueficinet is to put parent cert (or self-signed) cert in truststore, but
standard validator validates certs expirantion date. I don't know if parent
cert must be self-signed. Actually I have own CA, so it was sueficient to put
CA cert in truststore.
If SSL doesn't want to work with this
-Djavax.net.ssl.trustStorePassword=changeit
may help,"chageit" is standard master password.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Leonid Vygovskiy | 2011-02-06 08:40:53 | SQL select doesn't work |
| Previous Message | zhong ming wu | 2011-02-05 21:11:50 | Re: ssl connection strangely stops working |