Re: Query regarding managing Replication

Hello,

I have one query regarding client/server authentication using certificate
in postgres.

I am able to establish client server connection with OpenSSL certificate
creation.

We can create server and root certificates using OpenSSL and keep them in
data directory.
We need to update field in postgresql.conf (example ssl = ON, ssl_cert_file
= "Server.crt", ssl_key_file = "Server.key", also for client we need to
create certificate and key and need to update it in user directory.

My query is, instead of using a physical certificate from a
particular directory, can we use a certificate from the Windows certificate
store for both server and client? Server will refer to the installed
certificate from the server windows certificate store and the client will
use the client windows certificate store.

Please let me know if such a thing we can use. if yes , please share some
references.

Thanks and Regards,
Ashok

On Mon, Jul 10, 2023 at 1:32 PM Julien Rouhaud <rjuju123(at)gmail(dot)com> wrote:

> On Mon, Jul 10, 2023 at 3:41 PM Ashok Patil <ashokrpatil(at)gmail(dot)com> wrote:
>
>> Hello Julien,
>>
>> I need some more help regarding replication.
>>
>> Where Primary server can switch to Standby server role and stand by
>> server can switch to Primary server role.
>> [image: image.png]
>> In our case we maintain two servers Server1 and Server2.. Server1 will be
>> active and Server2 will be passive.
>> In case when Server1 is crashed Server2 will be active in result it
>> starts Keyclock instance and keyclock will connect with Standby postgres
>> server.
>>
>> As per current replication steps, we found that Standby server will
>> always be in read only mode. we want to switch it to r/w mode and primary
>> to read only mode.
>>
>> or even it is ok both primary and stand by will always be in read-write
>> mode. but both should replicate data.
>>
>> I searched so many option on internet but did not found exact one.. Will
>> you please propose me some good solutions..
>>
>> Proper steps should be appreciable..
>>
>
> I don't know what KeyClock is, but I'm assuming that what you're looking
> for is a High Availability solution, not how to setup replication, as
> postgres itself only provides way to perform specific actions (promote a
> standby to primary, build a new standby...) and third-party tools adds the
> necessary logic for something more fancy. For general overview or how to
> perform a failover you can look at the documentation at
> https://www.postgresql.org/docs/current/high-availability.html. If
> you're looking for a HA solution, I would recommend looking into Patroni:
> https://patroni.readthedocs.io/en/latest/
>