| From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
|---|---|
| To: | harpagornis <shenlong(at)runbox(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: SSL Certificates in Windows 7 & Postgres 9.3 |
| Date: | 2014-12-18 00:10:38 |
| Message-ID: | 54921B7E.5050000@aklaver.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 12/17/2014 11:38 AM, harpagornis wrote:
> Some more questions if you please. I am in Houston, and we don't have a
> postgres users group. If anyone knows of some postgres groups that have
> webcasts of their meetings, let me know. Thanks.
>
> I am trying to figure out how to manage the SSL client certificates in a
> Windows 7 environment, both in development mode and alternatively, a working
> / production environment. Lets say I have several application databases,
> and each database has one or more user ids for logging in, then I will need
> to create a separate client certificate for each user id that is being used
> to login. Correct?
Yes.
>
> Since the client certificate is always named postgresql.crt, then I will
> need to place these variations of the postgresql.crt file in separate
> folders. Correct?
Well the client certificate is for a user, so it needs to be in the
users home directory.
>
> The location that postgres looks for the server and client and root
> certificates is the location specified in the environmental variable,
> Search_Path. Correct?
As far as I know there is no such env variable. In any case search_path
if for schema discovery in a database. For a list of the env variables see:
http://www.postgresql.org/docs/9.3/static/libpq-envars.html
>
> So in a development environment, I will need to manually edit the PG_DATA
> and Search_Path environmental variables and restart the postgres service
> whenever I want to test connecting with a different postgresql.crt?
Well there is no search_path env variable to set and PG_DATA is PGDATA.
PGDATA is for the cluster data directory and postgresql.crt is the
client certificate. Not sure why you would edit PGDATA or restart Postgres?
>
> And, in a working / production environment, I will need to programmatically
> set the PG_DATA and Search_path environmental variables and restart
> postgres? Are there other methods/ practices commonly used for these
> operations? Thank you in advance.
See above.
>
>
>
> --
> View this message in context: http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5831182.html
> Sent from the PostgreSQL - general mailing list archive at Nabble.com.
>
>
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G Johnston | 2014-12-18 00:45:44 | Re: SSL Certificates in Windows 7 & Postgres 9.3 |
| Previous Message | Patrick Krecker | 2014-12-17 23:29:02 | Re: Re: Strange error message when reference non-existent column foo."count" |