Home > mailing lists

Re: SSL between Primary and Seconday PostgreSQL DBs - Mailing list pgsql-general

From	Susan Joseph
Subject	Re: SSL between Primary and Seconday PostgreSQL DBs
Date	September 3, 2020 16:47:00
Msg-id	875525261.2709349.1599140820429@mail.yahoo.com Whole thread Raw
In response to	Re: SSL between Primary and Seconday PostgreSQL DBs (Stephen Frost <sfrost@snowman.net>)
List	pgsql-general

Tree view

Susan Joseph
sandajoseph@verizon.net

-----Original Message-----
From: Stephen Frost <sfrost@snowman.net>
To: Susan Joseph <sandajoseph@verizon.net>
Cc: pgsql-general@postgresql.org <pgsql-general@postgresql.org>
Sent: Thu, Sep 3, 2020 9:12 am
Subject: Re: SSL between Primary and Seconday PostgreSQL DBs

Greetings,

* Susan Joseph (sandajoseph@verizon.net) wrote:
> So I made the changes on the secondary to change the sslmode to verify-fullI removed the clientcert=1 in pg_hba.conf and removed any connections other than sslI removed the passfile info from recovery.confand now I am getting this error:
> 2020-09-03 13:01:49.990 UTC [7963] FATAL: could not connect to the primary server: server certificate for "lc-subca-pg.theforest.sap" does not match host name "192.168.1.142"

>>Yes, as I explained, because of exactly the issue that the host you've
>>told your secondary to connect to (looks like 192.168.1.142) doesn't
>>match the certificate presented by the primary (which looks to be
>>"lc-subca-pg.theforest.sap").

OK so I fixed that in my recovery.conf file so it is not set to the IP but to the FQDN and it is no longer throwing this error.

>>The answer is to make those two match.

Thanks,

Stephen

pgsql-general by date:

From: Siva postgres
Date: 03 September 2020, 16:42:42
Subject: Re: ODBC Driver dsplay name

From: Peter Eisentraut
Date: 03 September 2020, 16:59:18
Subject: Re: SSL between Primary and Seconday PostgreSQL DBs

Re: SSL between Primary and Seconday PostgreSQL DBs - Mailing list pgsql-general

Previous

Next