| From: | Tomasz Myrta <jasiek(at)klaster(dot)net> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: ssl woes after 8.1 -> 8.3 update |
| Date: | 2008-10-16 16:51:55 |
| Message-ID: | gd7rfd$1pvg$1@news.hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Ivan Sergio Borgonovo napisal 16.10.2008 16:29:
> Debian etch + backported postgresql
>
> I just copied pg_hba.conf from 8.1 to 8.3.
>
> on postgresql.conf
> ssl=true
> listen_addresses = '*'
>
> symlinked root.crt -> /etc/ssl/certs/ssl-cert-snakeoil.pem
As described in documentation, giving "root.crt" to server means your
clients need client certificate to connect.
> Error connecting to the server: could not open certificate file
> "/home/ivan/.postgresql/postgresql.crt": No such file or directory
It looks like you don't have client certificate.
> is there an howto to do things properly in spite of just trial and
> errors?
This one should be enough:
http://www.postgresql.org/docs/current/interactive/ssl-tcp.html
You should either provide matching client certificate or remove root.crt
from server configuration.
--
Regards,
Tomasz Myrta
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ivan Sergio Borgonovo | 2008-10-16 17:28:15 | Re: ssl woes after 8.1 -> 8.3 update |
| Previous Message | Martijn van Oosterhout | 2008-10-16 16:44:24 | Re: Optimizing projections containing unused columns |