Hi ,
Please suggest the best chiper suite to configure openSSL for PostgreSQL
Server and client?.
How to use other than md5 encryption algorithm to encrypt the passwords in
PostgreSQL?
Thanks,
Chiru
Just to add a final resolution to this thread, my solution was to add "use
Net::SSL" to the top of my script. Even though my script does not use SSL
directly, I think this must have helped in loading the libraries in an
order that let everything work.
Thanks for the help
iGLASS Networks
www.igla
On 12/31/2015 01:16 PM, George Woodring wrote:
I went and look and we have the ssl_renegotiation_limit set to the
default, which the documentation says is 0.
Well that was the low hanging fruit:)
Given that you see this:
Dec 31 14:04:03 iprobe002 kernel: iPoller2.pl[16044] general protection
I went and look and we have the ssl_renegotiation_limit set to the default,
which the documentation says is 0.
Thanks,
George
iGLASS Networks
www.iglass.net
On Thu, Dec 31, 2015 at 3:16 PM, Adrian Klaver
wrote:
> On 12/31/2015 11:29 AM, George Woodring wrote:
>
>> OS: CentOS 6.6
>> Postgres Ve
On 12/31/2015 11:29 AM, George Woodring wrote:
OS: CentOS 6.6
Postgres Version: 9.3.10
I have a script that is worked for years that does the following
- Connect to postgres and get a list of URLs to poll for status
- close connection
- Start threads to poll the URLs
- cleanup threads and colle
OS: CentOS 6.6
Postgres Version: 9.3.10
I have a script that is worked for years that does the following
- Connect to postgres and get a list of URLs to poll for status
- close connection
- Start threads to poll the URLs
- cleanup threads and collect the results.
- Connect to postgres and write t
Thank you all. You have given me a lot to digest for my project.
--
View this message in context:
http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5831358.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
--
Sent via pgsql-general m
On 12/17/2014 10:14 PM, harpagornis wrote:
I am developing a Windows desktop application so the client is the desktop
application. Depending on the installation, the app will be running in
single user mode, with the server and client both on only one machine, using
127.0.0.1. In that type of in
On 12/17/2014 10:14 PM, harpagornis wrote:
I am developing a Windows desktop application so the client is the desktop
application. Depending on the installation, the app will be running in
single user mode, with the server and client both on only one machine, using
127.0.0.1. In that type of in
I am developing a Windows desktop application so the client is the desktop
application. Depending on the installation, the app will be running in
single user mode, with the server and client both on only one machine, using
127.0.0.1. In that type of installation, there is little or no reason the
> Are there other methods/ practices commonly used for these operations?
> Thank you in advance.
You've got some serious confusion between client/server and other things
going on here...Adrian addressed those. It might help to think of the fact
that the clients and server are typically not on t
On 12/17/2014 11:38 AM, harpagornis wrote:
Some more questions if you please. I am in Houston, and we don't have a
postgres users group. If anyone knows of some postgres groups that have
webcasts of their meetings, let me know. Thanks.
I am trying to figure out how to manage the SSL client ce
Some more questions if you please. I am in Houston, and we don't have a
postgres users group. If anyone knows of some postgres groups that have
webcasts of their meetings, let me know. Thanks.
I am trying to figure out how to manage the SSL client certificates in a
Windows 7 environment, both i
Thank you. That resolved it. After revising the certificates, I was able to
connect with psql. I really appreciate all the help.
--
View this message in context:
http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5831051.html
Sent from the PostgreSQL - general
On 12/16/2014 08:56 PM, harpagornis wrote:
To anyone following this thread, I would also like to point out the
following, from Man 31.18.1.
In verify-full mode, the cn (Common Name) attribute of the certificate is
matched against the host name. If the cn attribute starts with an asterisk
(*), it
To anyone following this thread, I would also like to point out the
following, from Man 31.18.1.
In verify-full mode, the cn (Common Name) attribute of the certificate is
matched against the host name. If the cn attribute starts with an asterisk
(*), it will be treated as a wildcard, and will ma
Yes, I have tested that the connection and it does work without SSL. I have
also verified with openssl that all the certificates have the same CN,
issuer, etc.
I am working in a development environment, hence the seemingly odd file
location. It may not seem that way, but I am narrowing down th
harpagornis wrote
> I understand all of that, about certificates. I only included all of the
> pg_env.bat file for completeness. You understand that I am trying to
> connect to the database by using just psql?
Yes, and are doing so with non-default locations for pretty much everything.
Given
I understand all of that, about certificates. I only included all of the
pg_env.bat file for completeness. You understand that I am trying to
connect to the database by using just psql?
--
View this message in context:
http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp
harpagornis wrote
> @SET PATH="C:\Program Files\PostgreSQL\9.3\bin";%PATH%
> @SET PGDATA=D:\PostgresDat
> @SET PGDATABASE=postgres
> @SET PGUSER=postgres
> @SET PGPORT=5432
> @SET PGSSLCERT=D:\POSTGRESDAT\POSTGRESQL.CRT
> @SET PGSSLKEY=D:\POSTGRESDAT\POSTGRESQL.KEY
> @SET PGSSLROOTCERT=D:\POSTGRESD
harpagornis writes:
> Unless I am missing something, I still do not see where how / where to
> specify sslcert, sslkey, root.crt in the psql command.
You don't. The SSL certificates are stored in files whose names are known
to the psql code. See
http://www.postgresql.org/docs/9.3/static/libpq-s
Unless I am missing something, I still do not see where how / where to
specify sslcert, sslkey, root.crt in the psql command. The referenced links
don't much go beyond these input variables [ dbname [ username ] [ host ] [
port ] .
--
View this message in context:
http://postgresql.nabble.com/
harpagornis wrote
> psql dbname=dbname user=my_role sslmode=verify-full sslcert=postgresql.crt
> sslkey=postgresql.key sslrootcert=root.crt
This is a psql command with 6 input arguments/options specified
psql "dbname=dbname [...]" is a psql command with 1 input argument/option
specified which is
Trying to connect via psql, I looked at the documentation and around the web,
but could not find the right syntax for including all the SSL connection
variables on the psql command line. I tried using the URL-type psql
command, variations of this:
--
O.K. I just found the environment variables for SSL, described in Man 31.14.
I will try that.
--
View this message in context:
http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5830961.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
Right, I want to try connecting by psql, but the postgres documentation and
"psql -- help" do not list the syntax for providing the certificate. I
tried the following, but the error was : "Connection requires a valid
certificate"
$
On 12/15/2014 09:54 PM, harpagornis wrote:
Ah! I figured out the pg_log error about "No pg_hba.conf entry for host
"127.0.0.1", user "SYSTEM", database "postgres", SSL off." That error
occurs when I go into Windows Component Services and restart postgres.
But, after I delete that pg_log file,
Ah! I figured out the pg_log error about "No pg_hba.conf entry for host
"127.0.0.1", user "SYSTEM", database "postgres", SSL off." That error
occurs when I go into Windows Component Services and restart postgres.
But, after I delete that pg_log file, there still is no connection and no
other p
Thank you all. Would something like Wireshark, WinPcap or WFetch show me
more about the SYSTEM connection?
--
View this message in context:
http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5830806.html
Sent from the PostgreSQL - general mailing list archive at
On 12/15/2014 03:49 PM, Tom Lane wrote:
Adrian Klaver writes:
On 12/15/2014 02:36 PM, harpagornis wrote:
2014-12-15 22:28:06 GMT FATAL: connection requires a valid client
certificate
2014-12-15 22:28:06 GMT FATAL: no pg_hba.conf entry for host "127.0.0.1",
user "SYSTEM", database "postgres",
On 12/15/2014 03:25 PM, harpagornis wrote:
Yes, I did intend for only SSL connections. The console app must be the
SYSTEM user then, directly or maybe indirectly through the Windows
Certificate Store. I already added root.crt to the trusted certificates
through Windows MMC. Here is my console
Adrian Klaver writes:
> On 12/15/2014 02:36 PM, harpagornis wrote:
>> 2014-12-15 22:28:06 GMT FATAL: connection requires a valid client
>> certificate
>> 2014-12-15 22:28:06 GMT FATAL: no pg_hba.conf entry for host "127.0.0.1",
>> user "SYSTEM", database "postgres", SSL off
> Well something is
harpagornis wrote
> The console app must be the SYSTEM user then, directly or maybe indirectly
> through the Windows Certificate Store.
Doubtful.
The log also shows the attempt is to access the "postgres" database while
your provided connection string accesses "dbname"
You should probably start
Yes, I did intend for only SSL connections. The console app must be the
SYSTEM user then, directly or maybe indirectly through the Windows
Certificate Store. I already added root.crt to the trusted certificates
through Windows MMC. Here is my console app, in which I provide the
certificate, so w
On 12/15/2014 02:36 PM, harpagornis wrote:
I changed the CN in all the certificates from 127.0.0.1 "my_role", which is
the user id. Now the pg_log contains this:
---
2014-12-15 22:28:04 GMT LOG: database system
harpagornis wrote
> I changed the CN in all the certificates from 127.0.0.1 "my_role", which
> is the user id. Now the pg_log contains this:
> ---
> 2014-12-15 22:28:04 GMT LOG: database system was shut down at 20
I changed the CN in all the certificates from 127.0.0.1 "my_role", which is
the user id. Now the pg_log contains this:
---
2014-12-15 22:28:04 GMT LOG: database system was shut down at 2014-12-15
22:28:01 GMT
2014
On 12/15/2014 01:13 PM, harpagornis wrote:
Yes, I set the CN to 127.0.0.1 for all certificates. I verified that for all
certificates using openssl verify. I can connect o.k. without the SSL.
The CN needs to be the user not the IP address. Take a look at the link
I sent earlier, it is a great
Yes, I set the CN to 127.0.0.1 for all certificates. I verified that for all
certificates using openssl verify. I can connect o.k. without the SSL.
--
View this message in context:
http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5830768.html
Sent from the Pos
On 12/15/2014 11:41 AM, harpagornis wrote:
I am trying to connect using SSL in Windows 7 and Postgres v9.3. The console
output error message is "Failed to establish a connection to 127.0.0.1" The
error message from the pg_log is:
---
2014-
I am trying to connect using SSL in Windows 7 and Postgres v9.3. The console
output error message is "Failed to establish a connection to 127.0.0.1" The
error message from the pg_log is:
---
2014-12-15 19:20:24 GMT FATAL: connection require
Since we are testing...test using Nabble.com and the more->raw option...
"begin quote"
I also get this error message in my log file:
"begin raw"
"end raw"
"end quote"
Following the sentence above should be 4 lines of log file content...
Sent using the Nabble.com interface
Dave
--
View thi
On Mon, Nov 10, 2014 at 8:53 PM, John R Pierce wrote:
> On 11/10/2014 11:13 AM, Magnus Hagander wrote:
>>
>> Then it's more logical. Nabble simply did not include that when the
>> email was posted. I would call that either a bug or at least a
>> limitation in Nabble - I think only they can figure
On 11/10/2014 11:13 AM, Magnus Hagander wrote:
Then it's more logical. Nabble simply did not include that when the
email was posted. I would call that either a bug or at least a
limitation in Nabble - I think only they can figure out what's wrong
and if it's fixable. Until then, we'll have to rec
On Mon, Nov 10, 2014 at 1:45 AM, David Johnston
wrote:
> Yes, that is what I was referring to. The Nabble.com website showed them.
>
> http://postgresql.1045698.n5.nabble.com/SSL-Certificates-in-Postgres-9-3-and-Windows-7-td5826230.html
Then it's more logical. Nabble simply did not include that
Yes, that is what I was referring to. The Nabble.com website showed them.
http://postgresql.1045698.n5.nabble.com/SSL-Certificates-in-Postgres-9-3-and-Windows-7-td5826230.html
David J.
On Sunday, November 9, 2014, Magnus Hagander wrote:
> On Sun, Nov 9, 2014 at 11:37 PM, David Johnston
> > wr
On Sun, Nov 9, 2014 at 11:37 PM, David Johnston
wrote:
>
>
> On Sunday, November 9, 2014, Adrian Klaver
> wrote:
>>
>> On 11/09/2014 10:14 AM, David G Johnston wrote:
>>>
>>> Adrian Klaver-4 wrote
>
> Thank you for all comments and suggestions.
More comments/suggestions wil
On Sunday, November 9, 2014, Adrian Klaver
wrote:
> On 11/09/2014 10:14 AM, David G Johnston wrote:
>
>> Adrian Klaver-4 wrote
>>
>>> Thank you for all comments and suggestions.
>>>
>>> More comments/suggestions will have to wait until the missing pieces are
>>> filled in.
>>>
>>
>> I read m
On 11/09/2014 10:17 AM, David G Johnston wrote:
Quoting original message to try and show file contents...
harpagornis wrote
I am trying to implement SSL certificates with postgres 9.3 locally in
Windows 7. In Windows Component Services / Local Services, postrgres is
configured to start automa
On 11/09/2014 10:14 AM, David G Johnston wrote:
Adrian Klaver-4 wrote
Thank you for all comments and suggestions.
More comments/suggestions will have to wait until the missing pieces are
filled in.
I read most of these mailing list emails via Nabble and the pieces you show
as missing are pre
Windows automatically changed the data folder attribute back to Read Only.
The only Windows groups that have full permission are SYSTEM, Administrators
and my administrator /user account.
--
View this message in context:
http://postgresql.1045698.n5.nabble.com/SSL-Certificates-in-Postgres-9-
As suggested, I changed the data folder permissions from Read Only to allow
Read / Write (I was already logged in as Administrator), but the errors are
the same.
If I remove the SSL-related lines in pg_hba.conf and postgresql.conf, and
use the following lines instead in pg_hba.conf, I am able t
Quoting original message to try and show file contents...
harpagornis wrote
> I am trying to implement SSL certificates with postgres 9.3 locally in
> Windows 7. In Windows Component Services / Local Services, postrgres is
> configured to start automatically, with Log On as a local system accoun
Adrian Klaver-4 wrote
>> Thank you for all comments and suggestions.
>
> More comments/suggestions will have to wait until the missing pieces are
> filled in.
I read most of these mailing list emails via Nabble and the pieces you show
as missing are present in what I am reading. If I go to repl
On 9 November 2014 05:07, harpagornis wrote:
> I am trying to implement SSL certificates with postgres 9.3 locally in
> Windows 7. In Windows Component Services / Local Services, postrgres is
> configured to start automatically, with Log On as a local system account.
>
Postgres on Windows will n
On 11/08/2014 08:07 PM, harpagornis wrote:
I am trying to implement SSL certificates with postgres 9.3 locally in
Windows 7. In Windows Component Services / Local Services, postrgres is
configured to start automatically, with Log On as a local system account.
Using my Windows administrator acco
I am trying to implement SSL certificates with postgres 9.3 locally in
Windows 7. In Windows Component Services / Local Services, postrgres is
configured to start automatically, with Log On as a local system account.
Using my Windows administrator account, in a command prompt inside my data
fol
On 05/08/2014 09:58 PM, Krystian Bigaj wrote:
I've build OpenSSL with zlib (perl Configure VC-WIN32 no-asm
zlib-dynamic --prefix=...) and now compression works correctly.
After executing:
SELECT lpad('', 1024*1024, 'A')
there is only about 13kB of TCP transfer instead of ~1MB.
Thanks again!
Ho
I've build OpenSSL with zlib (perl Configure VC-WIN32 no-asm zlib-dynamic
--prefix=...) and now compression works correctly.
After executing:
SELECT lpad('', 1024*1024, 'A')
there is only about 13kB of TCP transfer instead of ~1MB.
Thanks again!
However I'm still curious why windows build doesn'
Thanks! That would make sense why it doesn't work on Windows.
Do you know why PG build for Windows ships zlib support enabled for PG
(mostly pg_dump/pg_restore) but disabled for OpenSSL?
Best regards,
Krystian Bigaj
On 8 May 2014 17:28, Terence Ferraro wrote:
> You mentioned you are using the
You mentioned you are using the Windows version; unless something has
changed recently in their build process, the included openssl library is
not linked against zlib and therefore compression is not possible unless
you recompile the Windows version yourself.
*Terence J. Ferraro*
On Thu, May 8,
On 05/08/2014 01:22 AM, Krystian Bigaj wrote:
Hi,
I'm wondering how, and if SSL compression works correctly.
Here is how I tested it:
- PostgreSQL 9.3.4 x86 on Windows 7 x64
- .crt/.key files by openssl, and placed in database cluster folder
- postgres.exe ran with: --ssl="on" --ssl_cert_file="
Hi,
I'm wondering how, and if SSL compression works correctly.
Here is how I tested it:
- PostgreSQL 9.3.4 x86 on Windows 7 x64
- .crt/.key files by openssl, and placed in database cluster folder
- postgres.exe ran with: --ssl="on" --ssl_cert_file="test.crt"
--ssl_key_file="test.key"
- connection
On 8/20/2013 9:07 PM, ascot.m...@gmail.com wrote:
I am planning Streaming Replication to a new remote server, can you please
suggest how to set up data encryption by SSL or tunnelling in Postgresql?
see
http://www.postgresql.org/docs/current/static/ssl-tcp.html
--
john r pierce
Em 21/08/2013 01:07, ascot.m...@gmail.com escreveu:
Hi,
I am planning Streaming Replication to a new remote server, can you please
suggest how to set up data encryption by SSL or tunnelling in Postgresql?
regards
I've implemented streaming replication using OpenVPN as encrypted
tunneling s
Hi,
I am planning Streaming Replication to a new remote server, can you please
suggest how to set up data encryption by SSL or tunnelling in Postgresql?
regards
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.or
On Aug 15, 2013, at 5:41 AM, Stuart Ford wrote:
> Dear community
>
> We have a problem on our development database server, which supports a PHP
> application, which connects to it from a different server. Sometimes,
> around 1 in 4 page loads, it fails and reports the following error message:
>
Stuart Ford wrote:
> We have a problem on our development database server, which supports a PHP
> application, which connects to it from a different server. Sometimes,
> around 1 in 4 page loads, it fails and reports the following error message:
>
> FATAL: terminating connection due to administrat
On 08/15/2013 10:05 AM, Stuart Ford wrote:
Guy
No, we don't. It's also not happening on another platform which uses the
same switch stack (and indeed VMWare cluster), so these aren't factors.
For completeness sake:
When you reset the SSL values did you restart the server?
Left field category
Guy
No, we don't. It's also not happening on another platform which uses the
same switch stack (and indeed VMWare cluster), so these aren't factors.
Stuart
On 15/08/2013 16:59, "Guy Helmer" wrote:
>On Aug 15, 2013, at 5:41 AM, Stuart Ford wrote:
>
>> Dear community
>>
>> We have a problem on
On 15 August 2013 15:29, Stuart Ford wrote:
> Alban
>
> I would agree with you, except
...that you misread what I wrote ;)
> it still happens even after I have disabled
> all SSL related stuff in postgresql.conf and pg_hba.conf.
Well, of course. Why would that make any difference? Your prob
Ford
Cc: "pgsql-general@postgresql.org"
Subject: Re: [GENERAL] SSL connection has been closed unexpectedly
On 15 August 2013 12:41, Stuart Ford wrote:
Dear community
We have a problem on our development database server, which supports a PHP
application, which connects to it from a d
On 15 August 2013 12:41, Stuart Ford wrote:
> Dear community
>
> We have a problem on our development database server, which supports a PHP
> application, which connects to it from a different server. Sometimes,
> around 1 in 4 page loads, it fails and reports the following error message:
>
> FAT
Dear community
We have a problem on our development database server, which supports a PHP
application, which connects to it from a different server. Sometimes,
around 1 in 4 page loads, it fails and reports the following error message:
FATAL: terminating connection due to administrator command SS
Hi folks,
I'm using PG 8.4.10 on Ubuntu Server 10.04.3.LTS x86_64.
Is there any way to query the SSL mode for client connections?
E.g. select backend_id from some_table_or_view where ssl_mode = false;
I have not been able to find it in pg_stat_activity or anywhere else in
the catalog. Maybe I
On Wed, Sep 07, 2011 at 04:37:24PM +0200, Asia wrote:
> put top-level CA cert from CA having two certs in root.crt
[. . .]
> how libpq works with chained CA's.
"Two certs" and "chained CAs" are completely different problems. What
are you trying to do, exactly?
A
--
Andrew Sullivan
a...@cran
Asia Wednesday 07 of September 2011 16:00:39
> > I personally haven't tired SSL for PostgreSQL but, I think, You should
> > put in root.crt only intermediate certificate (C1 - from prev post), so
> > all and only all "sub-certs" of intermediate CA will be able to
> > establish connection (paranoic
Asia writes:
> I have a feeling that jdbc list is not the right list to ask why libpq does
> not work when I
> put top-level CA cert from CA having two certs in root.crt while you stated
> it would be
> proper configuration.
What is a "CA having two certs"? AFAIK, there is no such animal.
I have a feeling that jdbc list is not the right list to ask why libpq does not
work when I
put top-level CA cert from CA having two certs in root.crt while you stated it
would be
proper configuration.
There are 2 related threads here: one with consistency between libpq and jdbc
driver and the
Asia writes:
> The problem is that I believe that this configuration could be better but I
> cannot put part
> of CA chain in root.crt as it was advised.
> For Java it all depends on current SSL Factory implementation, I was using
> the default one.
> If I wrote my own implementation I would pr
>
> I personally haven't tired SSL for PostgreSQL but, I think, You should
> put in root.crt only intermediate certificate (C1 - from prev post), so
> all and only all "sub-certs" of intermediate CA will be able to
> establish connection (paranoic security).
>
> Putting intermediate CAs as tru
On Wednesday, September 07, 2011 4:49:30 am Asia wrote:
>
> The problem is that I believe that this configuration could be better but I
> cannot put part of CA chain in root.crt as it was advised.
> For Java it all depends on current SSL Factory implementation, I was using
> the default one. If I
On Wed, 07 Sep 2011 13:49:30 +0200, Asia wrote:
I think problem is as follows, server sends to client certificates
it
can accept (as accepted parents), without intermediate CA, Java sees
only top-level cert and tries to find client cert issued directly by
top-level CA, I may only assume, that
>
> I think problem is as follows, server sends to client certificates it
> can accept (as accepted parents), without intermediate CA, Java sees
> only top-level cert and tries to find client cert issued directly by
> top-level CA, I may only assume, that without intermediate CA you will
> be
On Wed, 07 Sep 2011 12:03:45 +0200, Asia wrote:
Asia writes:
> I would expect to have only one top-level CA cert in server's and
client's root.crt and it was not possible to configure with 2-level
intermediate CA.
This seems a little confused, since in your previous message you
stated
that
> Asia writes:
> > I would expect to have only one top-level CA cert in server's and client's
> > root.crt and it was not possible to configure with 2-level intermediate CA.
>
> This seems a little confused, since in your previous message you stated
> that libpq worked correctly and JDBC did no
Asia writes:
> I would expect to have only one top-level CA cert in server's and client's
> root.crt and it was not possible to configure with 2-level intermediate CA.
This seems a little confused, since in your previous message you stated
that libpq worked correctly and JDBC did not, and now y
> Asia writes:
> > Now the issue is then when using libpq it was enough to have only root
> > certificate in server's root.crt and it worked fine.
> > But when I tried using the same with JDBC it turned out that I need to put
> > whole chain (2 certs) of Intermediate CA 1 in server's root.crt.
>
Il giorno lun, 22/08/2011 alle 09.37 -0400, Tom Lane ha scritto:
> Asia writes:
> > Now the issue is then when using libpq it was enough to have only root
> > certificate in server's root.crt and it worked fine.
> > But when I tried using the same with JDBC it turned out that I need to put
> > w
Thank you for your reply. I agree that this configuration could be better and
this is why I sent my post.
There is still one concern remaining. As I said I have working configuration
with libpq and jdbc. For jdbc I created keystore, that is properly used with
connection ssl=on parameter and cli
Asia writes:
> Now the issue is then when using libpq it was enough to have only root
> certificate in server's root.crt and it worked fine.
> But when I tried using the same with JDBC it turned out that I need to put
> whole chain (2 certs) of Intermediate CA 1 in server's root.crt.
This is po
Recently I have been working on implementation of mutual SSL authentication
between our application and PostgreSQL database.
I managed to make it work wih "ssl=true" connection option and "clientcert=1"
flags in pg_hba.conf. Moreover I managed to make it work with C++ application
using libpq and
thank you, I install postgres from source, and use --with-openssl.
Hey,
Sounds like you does not have SSL library installed.
Try to install, for example, OpenSSL first and then try
to build you software.
2010/12/12 zab08
> when I install sysbench-0.4.8, after the make command:
>
>
> /usr/bin/ld: warning: libssl.so.6, needed by
> /opt/PostgreSQL/9.0/lib/libpq.
when I install sysbench-0.4.8, after the make command:
/usr/bin/ld: warning: libssl.so.6, needed by /opt/PostgreSQL/9.0/lib/libpq.so,
not found (try using -rpath or -rpath-link)
/usr/bin/ld: warning: libcrypto.so.6, needed by
/opt/PostgreSQL/9.0/lib/libpq.so, not found (try using -rpath or -
when I install sysbench-0.4.8, after the make command:
/usr/bin/ld: warning: libssl.so.6, needed by /opt/PostgreSQL/9.0/lib/libpq.so,
not found (try using -rpath or -rpath-link)
/usr/bin/ld: warning: libcrypto.so.6, needed by
/opt/PostgreSQL/9.0/lib/libpq.so, not found (try using -rpath or -
On Tue, May 04, 2010 at 05:12:16PM +0600, AI Rumman wrote:
> I change the pg_hba.conf as below:
and you restart or do a pg_ctl reload?
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
I change the pg_hba.conf as below:
hostssl allall10.0.0.34/32 md5
But still the same problem.
On Tue, May 4, 2010 at 5:03 PM, Thom Brown wrote:
> On 4 May 2010 11:50, AI Rumman wrote:
>
>> I have created server.crt and server.key using the Postgresql
>> documentation.
>>
>> F
On 4 May 2010 11:50, AI Rumman wrote:
> I have created server.crt and server.key using the Postgresql
> documentation.
>
> Followings are the commands:
> ---
> openssl req -new -text -out server.req
>
> openssl rsa -in privkey.pem -out server.key
> rm privk
I have created server.crt and server.key using the Postgresql documentation.
Followings are the commands:
---
openssl req -new -text -out server.req
openssl rsa -in privkey.pem -out server.key
rm privkey.pem
openssl req -x509 -in server.req -text -key serv
1 - 100 of 206 matches
Mail list logo
