Re: one client with multiple ssl cert connections to different databases

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Megan <nagemnna(at)gmail(dot)com>
Cc: pgsql-admin <pgsql-admin(at)postgresql(dot)org>
Subject: Re: one client with multiple ssl cert connections to different databases
Date: 2013-07-01 17:08:44
Message-ID: CABUevEz+9_EjtAtd3Wqe62-dPQLUnzQuB_HHHFDHC6JtnCtabg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Mon, Jul 1, 2013 at 7:03 PM, Megan <nagemnna(at)gmail(dot)com> wrote:
> Good Day All
>
>
> I setup my postgres servers to allow certificate authentication. Right now
> I have two database servers and one application server. Users are only
> allowed to connect into the application server, invoke psql, then connect
> into which ever database server they want. I have the keys and certs for db
> server 1 in their .postgresql folder under their home and it works fine, but
> i can't figure out how to properly setup the environment so that they can
> connect into either db server with the keys. I tried to merge the key/cert
> files in their .postgresql directory with info for both db servers but that
> didn't work. I feel like there is an obvious solution to this that I can't
> see. Any ideas?

They need to be in different files, and you can then control which
file is used either on the connection string (sslcert, sslkey and
similar parameters) or using environment variables (PGSSLCERT,
PGSSLKEY)

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Alvaro Herrera 2013-07-01 17:38:04 Re: How was I able to drop a role even though objects depend on it?
Previous Message Megan 2013-07-01 17:03:28 one client with multiple ssl cert connections to different databases