I still can't access my SSL enabled server!!! Is root.crt supposed to be an exact copy of server.crt file which I use in my client's keystore?
I have another observation. As I start the coordinator node, I don't see any file access to the server.key or server.crt file? Aren't these files supposed to be read at start up time or at least when I try to make a connection from my java application? Everything I try create a datasource on tomcat I get the follow error on client and server's console... FATAL: connection requires a valid client certificate. Am I missing something? -maz From: pgsql-jdbc-ow...@postgresql.org [mailto:pgsql-jdbc-ow...@postgresql.org] On Behalf Of Maz Mohammadi Sent: Friday, February 22, 2013 4:33 PM To: pgsql-j...@postgresql.org Subject: Re: [JDBC] can't access through SSL Correction... After double checking the path to java's keystore file, and correcting it...this is the new error. FATAL: connection requires a valid client certificate. Any idea would be greatly appreciated. -maz From: Maz Mohammadi Sent: Friday, February 22, 2013 3:51 PM To: 'pgsql-j...@postgresql.org' Subject: RE: [JDBC] can't access through SSL Hello, I regenerated some new keys for my postgres server. I've placed them under /var/lib..../coord and shared them with the datanodes as well. After adding the certificates to the keystore for my tomcat java application, I get the following error on my server. LOG: could not accept SSL connection: sslv3 alert certificate unkown. I thought I had to use JDBC 3 for this. Any ideas? -maz From: Maz Mohammadi Sent: Friday, February 22, 2013 3:45 PM To: pgsql-j...@postgresql.org<mailto:pgsql-j...@postgresql.org> Subject: RE: [JDBC] can't access through SSL Thx, one step closer. pgsql-j...@postgresql.org<mailto:pgsql-j...@postgresql.org> From: Vitalii Tymchyshyn [mailto:tiv...@gmail.com] Sent: Friday, February 22, 2013 12:56 PM To: Maz Mohammadi Cc: pgsql-j...@postgresql.org<mailto:pgsql-j...@postgresql.org> Subject: Re: [JDBC] can't access through SSL Try jdbc:postgresql://localhost:5432/testdb?ssl=true 2013/2/22 Maz Mohammadi <mmohamm...@pentaho.com<mailto:mmohamm...@pentaho.com>> Hello all, I'm trying to access a postgres database through a java application (tomcat). This is the only entry I have in pg_hba.conf # TYPE DATABASE USER ADDRESS METHOD hostssl all all 127.0.0.1/32<http://127.0.0.1/32> cert and put the certicate (from /var/lib/postre...../coord/server.crt) in the cacerts under $JAVA_HOME/....... This is my jdbc URL.... jdbc:postgresql://localhost:5432/testdb&ssl=true But When I try to create a datasource on tomcat, I get the following error... "Connection attempt failed: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "progres-xc", database "testdb&ssl=true", SSL off" Any help is greatly appreciated. -maz -- Best regards, Vitalii Tymchyshyn
