Re: [JDBC] can't access through SSL - Mailing list pgsql-general

Hi Adrian,

Thanks for sharing some pointers with me.  You are right, it's not actually=
 an JDBC driver issue.  I posted it on jdbc, because I'm accessing it from =
a jdbc client, I thought there might be some security issues with the JDBC =
driver.

1) I'm running postgres-xc v. 9.1.  I'm "pretty" sure that my postgres setu=
p is correct.  Another person from this distribution list help me a bit.  T=
his test shows me that the ssl is setup correctly on my server...

----------
postgres-xc@adminuser-VirtualBox:~/datanode2$ psql=20
psql (PGXC 1.0.0, based on PG 9.1.4)
Type "help" for help.

postgres=3D# \q
postgres-xc@adminuser-VirtualBox:~/datanode2$ psql -h localhost
psql: FATAL:  connection requires a valid client certificate
FATAL:  no pg_hba.conf entry for host "127.0.0.1", user "postgres-xc", data=
base "postgres", SSL off
postgres-xc@adminuser-VirtualBox:~/datanode2$
------------

2) My client is a tomcat server.  I've placed JDBC3 drivers (jar file) in t=
he WEB-INF lib directory of my webapp.=20

3) MY jdbc url is "jdbc:postgresql://localhost:5432:testdb?ssl=3Dtrue", and=
 believe me.... username and password are correct.

4) Both postgres and tomcat are running on the same machine (an Ubuntu linu=
x virtual box). =20

5) when I try to create a JDBC datasource on my tomcat, I enter the JDBC ur=
l + user + password, and I'm expecting it to be able to connect to it and a=
t least get a "test successful" but I don't.  I get the error that I sent..=
.
"Connection attempt failed: FATAL: connection requires a valid client certi=
ficate"

6) I've also specified the following java options..
-Djavax.net.ssl.trustStore=3D/home/adminuser/pentaho/keycerts/mazstore -Dja=
vax.net.ssl.trustStorePassword=3Dpassword

I'll post this on the other distribution list.  BTW, I don't see much in th=
e log files under /var/log directory.

-maz


-----Original Message-----
From: Adrian Klaver [mailto:adrian.klaver@gmail.com]=20
Sent: Sunday, February 24, 2013 8:08 PM
To: Maz Mohammadi
Cc: pgsql-jdbc@postgresql.org; pgsql-general@postgresql.org
Subject: Re: [GENERAL] [JDBC] can't access through SSL

On 02/24/2013 02:35 PM, Maz Mohammadi wrote:
> Correct!
>
> I'm new postgresql and I need to figure this out for a client.  I install=
ed a bunch packages on my Ubuntu linux and here I am.  I've learned a lot. =
 I have 2 datanodes, coordinator + gtm.

Some general pointers on helping to figure this out:

1) Postgres-XC !=3D Postgres. It shares a code base but adds more moving pa=
rts. Along that line, you will need to be more specific about how you have =
setup Postgres-XC and exactly which part is failing? I for one do not use i=
t, so I am not really sure what datanodes, coordinator and gmt signify. On =
a related note XC has its own mailing list(https://lists.sourceforge.net/li=
sts/listinfo/postgres-xc-general),
it may turn out there are people there that can answer the question sooner.


2) JDBC. It would seem from this thread and the other that covered this top=
ic that JDBC is not really the issue. To make your life simpler I would tes=
t your setup using psql until you get it running properly, then pull in JDB=
C to see if it adds any problems. Also, it is generally considered not good=
 protocol to cross post the same issue to different lists.


3) Simple with more detail is better. Create a minimum use case and then pr=
ovide maximum detail of how it was set up and run. For instance:

a) What are the versions of the software?
b) Where is the client being run from?
c) Where is the server?
d) How are both setup?
e) What is being done between the client and the server?
f) What do you expect to happen?
g) What is actually happening?
i) The actual error message(s)?

>
> -maz
>


--
Adrian Klaver
adrian.klaver@gmail.com