Is Client connections via ca.crt only possible?

From: Rejo Oommen <rejo(dot)oommen(at)gmail(dot)com>
To: pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Is Client connections via ca.crt only possible?
Date: 2022-08-01 08:12:33
Message-ID: CAFiZ60hyT7wJ+jtSiJ3UjE92jCK43cqOF0cxmmkwq8Q+EnkSqw@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Requirement is to use only ca.crt and connect to postgres

Server.crt, Server.key and ca.crt are configured at the postgres server for
tls connection.

Connection successful while using
psql ‘host=172.29.21.222 dbname=test user=postgres sslmode=verify-ca
sslcert=/tmp/server.crt sslkey=/tmp/server.key sslrootcert=/tmp/ca.crt
port=5432’

For clients to connect, can they use only ca.crt and connect to the DB.
Tried and got the below error

psql ‘host=172.29.21.222 dbname=test user=postgres sslmode=verify-ca
sslrootcert=/tmp/ca.crt port=5432’
psql: error: connection to server at “172.29.21.222”, port 50001 failed:
FATAL: connection requires a valid client certificate

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Matthias Apitz 2022-08-01 09:22:33 a database can be created but not droped
Previous Message Peter Smith 2022-08-01 04:18:15 Re: Support logical replication of DDLs