Re: Postgres won't start after setting ssl=on - Mailing list pgsql-general

From Darren Duncan
Subject Re: Postgres won't start after setting ssl=on
Date
Msg-id 4CB13B3E.8030904@darrenduncan.net
Whole thread Raw
In response to Postgres won't start after setting ssl=on  (Mike Christensen <mike@kitchenpc.com>)
Responses Re: Postgres won't start after setting ssl=on
Re: Postgres won't start after setting ssl=on
List pgsql-general
The owner of these new files needs to be the same as that of your Pg data dir in
general or postgresql.conf specifically, and that owner be the same as the
process that runs the Pg server.  Are you running Pg as root?  (In any event,
you should have another user; running programs or servers as root when they
don't need root powers is generally a bad idea.) -- Darren Duncan

Mike Christensen wrote:
> Hi, I'm trying to require SSL for Postgres connections from certain
> IPs..  This is on Postgres 9.0.
>
> First, I've followed the directions at:
>
> http://www.postgresql.org/docs/9.0/static/ssl-tcp.html
>
> I've created the files server.crt and server.key.  I've also removed
> the passphrase from the key so Postgres can start automatically.
> Finally, I ran:
>
> chmod 0600 server.key
>
> The permissions on server.key are now:
>
> -rw------- 1 root root 887 Oct 10 03:42 server.key
>
> However, when I set ssl = on in postgresql.conf and start the server,
> I get the logged error:
>
> 2010-10-10 03:47:07 UTC FATAL:  could not load private key file
> "server.key": Permission denied
>
> I'm logged on as root.  Any ideas?  Thanks!
>
> Mike


pgsql-general by date:

Previous
From: Mike Christensen
Date:
Subject: Re: Postgres won't start after setting ssl=on
Next
From: Mike Christensen
Date:
Subject: Re: Postgres won't start after setting ssl=on