| From: | Apurva Paralkar <apurva12mar(at)gmail(dot)com> |
|---|---|
| To: | "Inoue, Hiroshi" <h-inoue(at)dream(dot)email(dot)ne(dot)jp> |
| Cc: | pgsql-odbc(at)postgresql(dot)org |
| Subject: | Re: Fwd: Connection string parameter sslrootcert does not work |
| Date: | 2017-01-23 17:15:44 |
| Message-ID: | CAEnV6tYoN9_BcNw_XBCOPUbkPGJ2PP8paUTP5K8fdqQjw5842g@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-odbc |
Hi Hiroshi,
Thanks for your response. Can you let me know tentatively when this
parameter will be added? I have some deadlines based on this change. I'd
like to know if I can wait for your changes or if I should work on a patch
myself.
Thanks,
Apurva
On Sat, Jan 21, 2017 at 5:22 AM, Inoue, Hiroshi <h-inoue(at)dream(dot)email(dot)ne(dot)jp>
wrote:
> Hi Apurva,
>
> Sorry for the late reply.
>
> On 2017/01/19 4:29, Apurva Paralkar wrote:
>
> Hi,
>
>
>
> I'm trying to programmatically connect to an RDS Postgres instance with
> SSL enabled, using the psqlodbc driver (Version:
> postgresql94-odbc-09.03.0400-1PGDG.rhel6.x86_64.rpm). I’m having trouble
> with the sslrootcert parameter.
>
>
> To enable SSL for a Postgres connection, I appended the following
> parameters to the connection string:
>
> sslmode=verify-ca;sslrootcert=<location of root certificate on the client>
>
> The root certificate exists as a .pem file.
>
>
> In addition, I also enabled the debug and comm logs:
>
> debug=1;commlog=1
>
>
> The resulting logs showed the following error:
>
> …
>
> 00028427: 2017-01-17T21:16:57 [SERVER ]I: Going to connect to
> ODBC connection string: Driver={PostgreSQL Unicode(x64)};Server=<hostname
> >;Port=-<port>;Database=<database-name>;UseDeclareFetch
> =1;Fetch=10000;Uid=<username>;Pwd=****;sslmode=verify-ca;sslrootcert=<location
> of root.pem file on the client>;debug=1;commlog=1
>
> 00028427: 2017-01-17T21:16:57 [SERVER ]E: RetCode: SQL_ERROR
> SqlState: 08001 NativeError: 101 Message: [unixODBC]root certificate file
> "/home/<current-user>/.postgresql/root.crt" does not exist
>
> Either provide the file or change sslmode to disable server certificate
> verification. [122502] ODBC general error.
>
> 00028427: 2017-01-17T21:16:57 [SERVER ]E: Failed to connect
> [122506] Network error has occurred
>
> …
>
>
> Does this mean the driver cannot recognize the sslrootcert parameter being
> passed to it?
>
>
> Yes.
> Now I'm planning to introduce a new option which specifies libpq
> connection parameters as a conninfo style string
> like
> pqopt={sslrootcert=... sslcert=...}
> .
>
> regards,
> Hiroshi Inoue
>
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Inoue, Hiroshi | 2017-01-24 04:28:56 | Re: Fwd: Connection string parameter sslrootcert does not work |
| Previous Message | Inoue, Hiroshi | 2017-01-21 13:22:58 | Re: Fwd: Connection string parameter sslrootcert does not work |