| From: | Jose Berardo <berardo(at)especializa(dot)com(dot)br> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | PostgreSQL with SSL |
| Date: | 2010-04-12 16:35:07 |
| Message-ID: | p2w9009a4451004120935l1204e4b3o5139b2781b441b00@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Hi,
I'm new on using SSL in PostgreSQL.
I've created a self-signed certificate using openssl and started the server
with ssl suport.
But I have some question, can you help me?
- There is any parameter to configure the path (and name) to certificate
(server.crt) and private key (server.key) like hba_file or ident_file in
postgresql.conf or any other?
- Is it possible to store the server.key in a ciphered file with triple-des
and configure the PostgreSQL to use a simetric-key to open it when it's
necessary?
Maybe I'm wrong but my server only works with I plain private key.
I'm trying to use the java keytool in place of openssl.
- I believe that it not possible to start the PostgreSQL server without
openssl (and ssl-dev package in debian), is it correct?
- When I create keys and certificates with keytool, it creates a java
keystore to store everything. I know how to export the certificate but I
don't know how to export the private key and when I use the keytool
certificate, the server crashes with this message:
FATAL: could not load server certificate file "server.crt": no start line
Sorry about too many questions, but anyone can help me to understand more
about ssl in PostgreSQL?
--
Regards,
Jose Berardo
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jose Berardo | 2010-04-12 16:36:43 | PostgreSQL with SSL |
| Previous Message | Ray Stell | 2010-04-12 14:04:37 | Re: "the database system is starting up" |