| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Simon de Hartog <simon(dot)postgresql(at)dehartog(dot)nl> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: PostgreSQL configurable SSL key checking |
| Date: | 2005-09-05 19:18:04 |
| Message-ID: | 3753.1125947884@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Simon de Hartog <simon(dot)postgresql(at)dehartog(dot)nl> writes:
> I have added all the users these applications run as to a group called
> "ssl". Permissions on the private key are owned by root, group ssl,
> protection rw-r----- (640). When I tell PostgreSQL to use this key with
> certificate (by using symlinks from server.key and server.crt in the
> postgreSQL data dir) it tells me that owner and permissions are wrong.
> How can I use this certificate and key for PostgreSQL (without copying
> the key and changing owner and permissions etc, because then the whole
> idea of centrally coordinated certificates is gone)?
You can't, and I don't see why it's a good idea to use the same key for
different server applications.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2005-09-05 19:27:01 | Re: PostgreSQL configurable SSL key checking |
| Previous Message | Patrick Welche | 2005-09-05 19:10:16 | Re: inet increment with int |