| From: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
|---|---|
| To: | Gabriele Bulfon <gbulfon(at)sonicle(dot)com> |
| Cc: | pgsql-jdbc(at)lists(dot)postgresql(dot)org |
| Subject: | Re: ssl connection issues |
| Date: | 2018-09-13 15:09:32 |
| Message-ID: | CAMsr+YGPkivLkDFdbUSuAxLnM3W2+Qu+bfcij1DB8kWZMVqUaw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
On 13 September 2018 at 20:23, Gabriele Bulfon <gbulfon(at)sonicle(dot)com> wrote:
> Hello,
>
> I recently configured Postgresql 9.0.9 with SSL only "on" and all its
> needed server certificates.
> I then created the client certificates and started working with them from
> a windows client.
>
> At first I used them with tools like Navicat, just specified the 3 certs
> files (key,crt and root.crt) in the ssl pane, worked fine.
>
> Then I tried with ODBC, placed the files in %APPDATA%/postgresql with
> correct names (postgresql.key, postgresql.crt, root.crt), created the
> connection and tested it, worked fine.
>
> Last I tried with jdbc, thinking it would have been so easy: I'm fighting
> for 2 days with lots of different issues.
> After some messing, I also finally discovered that, different from odbc,
> it would look for a pk8 file (why this difference?).
>
AFAIK it's largely historical, and due to now-lifted limitations in JSSE.
You should probably use sslfactory=org.postgresql.ssl.LibPQFactory and
possibly specify explicit paths for the sslcert and sslkey parameters.
This seems to be undocumented, unfortunately.
--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gabriele Bulfon | 2018-09-14 07:26:26 | Re: ssl connection issues |
| Previous Message | Dave Cramer | 2018-09-13 14:52:36 | Re: ssl connection issues |