Actually, the new 7.3.1 error message is:
if (!S_ISREG(buf.st_mode) || (buf.st_mode & 0077) || buf.st_uid != getuid()) {
postmaster_error("badpermissions on private key file (%s)\n"
"File must be owned by the proper user and must have no permissions for\n"
"\"group\" or \"other\".", fnbuf); ExitPostmaster(1); }
so that should be clearer for people when it fails. 7.3 had similar
restrictions, but reported the failure more concisely.
---------------------------------------------------------------------------
Bhuvan A wrote:
>
> > I?m trying to config PG with SSL, but i got a error. I create the key
> > and the certificate and put both in $PGDATA directory. I also enabled
> > the ssl option in postgresql.conf. But when i run postmaster i got a
> > error saying that server.key has wrong permissions.
>
> It reports the error in either of the below cases:
>
> 1. If the file permission is not -r--r--r--.
> 2. If the certificate and the private key are invalid.
>
> The clear advice is available in the documentation itself. Try out
> http://developer.postgresql.org/docs/postgres/ssl-tcp.html for details.
>
> regards,
> bhuvaneswaran
>
>
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
>
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073
