On 11/09/2014 10:17 AM, David G Johnston wrote:
> Quoting original message to try and show file contents...
>
>
> harpagornis wrote
>> I am trying to implement SSL certificates with postgres 9.3 locally in
>> Windows 7. In Windows Component Services / Local Services, postrgres is
>> configured to start automatically, with Log On as a local system account.
>>
>> Using my Windows administrator account, in a command prompt inside my data
>> folder, when I execute postgres -D . , I get the message, "Redirecting
>> logging output to the logging collector service." I also get this error
>> message in my log file:
>>
>> 2014-11-09 03:05:13 GMT LOG: client certificates can only be checked if a
>> root certificate store is available
>> 2014-11-09 03:05:13 GMT HINT: Make sure the configuration parameter
>> "ssl_ca_file" is set.
>> 2014-11-09 03:05:13 GMT CONTEXT: line 2 of configuration file
>> "D:/PostgresDat/pg_hba.conf"
>> 2014-11-09 03:05:13 GMT FATAL: could not load pg_hba.conf
>>
>> When I try to connect in PgAdminIII I get the error message, "Server isn't
>> listening" What am I doing wrong? Right now, just for development
>> purposes, do I need to have a root certificate? I tried unsuccessfully to
>> create one with makecert but couldn't get the flags and options right.
My suggestion would be to read:
http://www.postgresql.org/docs/9.3/interactive/ssl-tcp.html
The short version:
If you want a client to supply a certificate then you need a valid
ssl_ca_file. If you do not want that to happen do not set cert
clientcert=1 in pg_hba.conf
>
> David J.
>
>
>
> --
> View this message in context:
http://postgresql.1045698.n5.nabble.com/SSL-Certificates-in-Postgres-9-3-and-Windows-7-tp5826230p5826247.html
> Sent from the PostgreSQL - general mailing list archive at Nabble.com.
>
>
--
Adrian Klaver
adrian.klaver@aklaver.com
