| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Susan Joseph <sandajoseph(at)verizon(dot)net> |
| Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: SSL between Primary and Seconday PostgreSQL DBs |
| Date: | 2020-09-03 13:12:12 |
| Message-ID: | 20200903131212.GN29590@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Greetings,
* Susan Joseph (sandajoseph(at)verizon(dot)net) wrote:
> So I made the changes on the secondary to change the sslmode to verify-fullI removed the clientcert=1 in pg_hba.conf and removed any connections other than sslI removed the passfile info from recovery.confand now I am getting this error:
> 2020-09-03 13:01:49.990 UTC [7963] FATAL: could not connect to the primary server: server certificate for "lc-subca-pg.theforest.sap" does not match host name "192.168.1.142"
Yes, as I explained, because of exactly the issue that the host you've
told your secondary to connect to (looks like 192.168.1.142) doesn't
match the certificate presented by the primary (which looks to be
"lc-subca-pg.theforest.sap").
The answer is to make those two match.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alban Hertroys | 2020-09-03 13:12:55 | How to enumerate partitions from a window function? |
| Previous Message | Susan Joseph | 2020-09-03 13:09:39 | Re: SSL between Primary and Seconday PostgreSQL DBs |