Re: pgjdbc is not working with PKCS8 certificates with password

On 2/7/24 06:42, just madhu wrote:
> On further investigation,
> /With certificate generated as below. JDBC connection is successful./
> openssl pkcs8 -topk8 -inform PEM -in client.key -outform DER -out
> client.pk8  -passout pass:foobar / -v1 PBE-MD5-DES
>
> But a connection from pgAdmin (connection failed:
> \SSLCerts\pk8_pass\client_pass_PBE.pk8": no start line) and psql(psql:
> error: could not load private key file "client_pass_PBE.pk8":
> unsupported) is failing
>
> Is there a common way in which certificate with passwords can be
> created  for both libpq and jdbc ?

You may want to check with the pgjdbc project on github rather than (or
in addition to?) here; see:

https://github.com/pgjdbc/pgjdbc/issues

Joe

> On Wed, Feb 7, 2024 at 3:17 PM just madhu <justvmadhu(at)gmail(dot)com
> <mailto:justvmadhu(at)gmail(dot)com>> wrote:
>
> Hi ,
>
> postgresql-42.7.1.jar
>
> Trying to use establish a connection using PKCS8 certificate created
> with password.
>
> /openssl pkcs8 -topk8 -inform PEM -in client.key -outform DER -out
> client.pk8  -passout pass:foobar
> /
>
> I set the properties as below:
> /.../
> /sslProperties.setProperty("sslkey", "client.pk8");
> sslProperties.setProperty("sslpassword","foobar");/
> /.../
> /Connection connection = DriverManager.getConnection(jdbcUrl,
> sslProperties);
> /
> /..../
> /This is failing with the error:/
> /org.postgresql.util.PSQLException: SSL error: Connection reset
> at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:43)
> at
> org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:584)
> at
> org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:168)
> /
> /.../
>
> Regards,
> Madhu
>

--
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com