I figured out that my TLS version was too low in the libpq call and increased it to TLS v1.1
Should I go to 1.2? I am wondering because I do not want to limit compatibility.
Once I got past that hurdle, I am getting the error "ssl error: the certificate verify failed"
Since I built the certificates myself self-signed, I am assuming I did something that Postgres does not like.
I should mention that I am using the Windows environment for testing (I will test Linux after Windows succeeds).
I would like to have all my certificates and keys on the same machine (localhost for local connections and dcorbit for tcp/ip).
I found a couple tutorials and tried them but it failed.
I saw one document that said the common name should be the postgres user name and that it should also be the connecting machine name. Is that correct?
Is there a document or tutorial that explains the correct steps?
Equally important, is there a way to get more complete diagnostics when something goes wrong (like WHY did the certificate verify fail)?
