From: | Carol Walter <walterc(at)indiana(dot)edu> |
---|---|
To: | |
Cc: | pgsql-admin(at)postgresql(dot)org |
Subject: | Re: ssl database connection problems... |
Date: | 2008-12-30 20:53:37 |
Message-ID: | 4D15E432-79CD-4D0E-ACDD-BC1ABCC5BAFD@indiana.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Thanks to all of you. Many of my problems have been fixed. My
"listening_addresses" was not set correctly. After I fixed that
problem, I started getting an SSL error. I'm now getting this error
as follows:
walterc(at)fac-staff:~$ psql -U walterc -d walterc -h db -p 5433
psql: SSL SYSCALL error: EOF detected
I've poked around a lot in my system. OpenSSL is telling me that ssl
is not properly configured. I don't know if the error is accurate of
it's describing differences between its configuration and Postgres'.
Since ssl on my database box has never been used, there's a very good
chance it's not configured properly. I've decided the best tact would
be to get a new version of OpenSSL. The most current version on the
Sun Freeware site, is 0.9.8i.
Are there any issues with compatibility that I should know about.
I'm running Solaris 10 and version 8.3.4 of postgres.
Thanks,
Carol
On Dec 29, 2008, at 9:36 PM, Ray Stell wrote:
> On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote:
>> "with openssl" when I initially configured the server. Are there
>> other
>> things that need to be done to get openssl started on the database
>> server?
>> How can I diagnose this problem?
>>
>
> The files server.key, server.crt, root.crt, and root.crl are only
> examined
> during server start; so you must restart the server for changes in
> them
> to take effect.
>
> http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html
>
> It's been awhile since I played with this, but there's something
> about an
> environment var, PGSSLMODE.
>
> You can use openssl to verify the server/root ca correctness like
> this:
>
> openssl verify -CAfile ./root.crt testcert.pem
>
> assuming openssl in the mix.
>
> --
> Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-admin
From | Date | Subject | |
---|---|---|---|
Next Message | AmitKumar Jain | 2008-12-31 00:07:55 | Re: Getting the value of a config parameter in runtime |
Previous Message | Scott Marlowe | 2008-12-30 20:08:45 | Re: postgres block_size problem |