Re: [GENERAL] PG84 and SELinux

2010-12-06 Thread James B. Byrne
On Mon, December 6, 2010 13:29, James B. Byrne wrote: >> > > The problem was an expired pki certificate. When we first used ssl > for pg we did not have our private CA set up. So we generated a > self-signed certificate. That certificate expired this past July > and I infer that while 8.1 did n

Re: [GENERAL] PG84 and SELinux

2010-12-06 Thread James B. Byrne
On Mon, December 6, 2010 00:47, Greg Smith wrote: > > That looks to be the str_copy routine from conf_def.c in the OpenSSL > code, i.e. line 624 of the version at: > > http://code.google.com/p/commitmonitor/source/browse/trunk/common/openssl/crypto/conf/conf_def.c > > So guessing something in the

Re: [GENERAL] PG84 and SELinux

2010-12-05 Thread Greg Smith
Tom Lane wrote: "James B. Byrne" writes: I wrote too soon. What I did was uncomment the ssl option. I neglected to change the setting from off to on. When I try to start the server with ssl=on it fails with this error: Auto configuration failed 29006:error:0E065068:co

Re: [GENERAL] PG84 and SELinux

2010-12-04 Thread James B. Byrne
On Sat, December 4, 2010 01:11, Tom Lane wrote: > "James B. Byrne" writes: >> I wrote too soon. What I did was uncomment the ssl option. I >> neglected to change the setting from off to on. > >> When I try to start the server with ssl=on it fails with this >> error: > >> Auto configuration fail

Re: [GENERAL] PG84 and SELinux

2010-12-03 Thread Tom Lane
"James B. Byrne" writes: > I wrote too soon. What I did was uncomment the ssl option. I > neglected to change the setting from off to on. > When I try to start the server with ssl=on it fails with this error: > Auto configuration failed > 29006:error:0E065068:configuration file routines:STR_CO

Re: [GENERAL] PG84 and SELinux

2010-12-03 Thread James B. Byrne
On Wed, December 1, 2010 16:54, Tom Lane wrote: > "James B. Byrne" writes: >> Earlier today I attempted to upgrade a production server >> from 8.1 to 8.4 using the pgdg-84-centos.repo. I say >> attempted because I could never get it to support ssl >> connections and as that is a requirement I ha

Re: [GENERAL] PG84 and SELinux

2010-12-03 Thread James B. Byrne
On Thu, December 2, 2010 15:32, James B. Byrne wrote: > > On Thu, December 2, 2010 15:23, Devrim GÜNDÜZ wrote: >> On Wed, 2010-12-01 at 16:54 -0500, Tom Lane wrote: >>> AFAIK, the Red Hat RPMs work out-of-the-box with SELinux; >> >> They should -- we are using the same routines for initdb'ing. >>

Re: [GENERAL] PG84 and SELinux

2010-12-02 Thread James B. Byrne
On Thu, December 2, 2010 15:23, Devrim GÜNDÜZ wrote: > On Wed, 2010-12-01 at 16:54 -0500, Tom Lane wrote: >> AFAIK, the Red Hat RPMs work out-of-the-box with SELinux; > > They should -- we are using the same routines for initdb'ing. > I will do a touch /.autorelabel and restart the server before

Re: [GENERAL] PG84 and SELinux

2010-12-02 Thread Devrim GÜNDÜZ
On Wed, 2010-12-01 at 16:54 -0500, Tom Lane wrote: > AFAIK, the Red Hat RPMs work out-of-the-box with SELinux; I'm a bit > surprised to hear that the PGDG ones don't, because last I heard > they use the same file layout. They should -- we are using the same routines for initdb'ing. -- Devrim GÜ

Re: [GENERAL] PG84 and SELinux

2010-12-01 Thread James B. Byrne
On Wed, December 1, 2010 16:54, Tom Lane wrote: > "James B. Byrne" writes: >> Earlier today I attempted to upgrade a production server from 8.1 to >> 8.4 using the pgdg-84-centos.repo. I say attempted because I could >> never get it to support ssl connections and as that is a >> requiremen

Re: [GENERAL] PG84 and SELinux

2010-12-01 Thread James B. Byrne
On Wed, December 1, 2010 16:54, Tom Lane wrote: >> Whatever was the cause of the ssl problem I also encountered a >> surprising number of SELinux violations. The following details the >> SELinux settings that I ultimately had to apply as a local module. >> This took a considerable period of t

Re: [GENERAL] PG84 and SELinux

2010-12-01 Thread Tom Lane
"James B. Byrne" writes: > Earlier today I attempted to upgrade a production server from 8.1 to > 8.4 using the pgdg-84-centos.repo. I say attempted because I could > never get it to support ssl connections and as that is a requirement > I had to roll back to 8.1. Can't comment on that without a