On Fri, Apr 8, 2011 at 1:15 PM, Diego Schulz <dschulz@gmail.com> wrote:
> Hi,
> When linking to the certificate and key you should specify the full path.
> ln -s /etc/ssl/certs/db1_ssl.crt /full/path/to/db1_ssl.crt
> ln -s /etc/ssl/private/db1_ssl.key /full/path/to/db1_ssl.key
Thanks for the quick reply Diego. I posted the commands above and I
used the full path to the certificates as you can see. Here's the
info:
lrwxrwxrwx 1 postgres postgres 26 Apr 8 10:43 db1_ssl.crt ->
/etc/ssl/certs/db1_ssl.crt
lrwxrwxrwx 1 postgres postgres 28 Apr 8 10:50 db1_ssl.key ->
/etc/ssl/private/db1_ssl.key
The 1st part is just the symbolic link referenced in
/var/lib/postgresql/8.4/main but you can see it knows to reference the
symbolic links to /etc/ssl/...
I'm thinking there's some random configuration file for PostgreSQL
that has pointers to the old server.crt and server.key files but I've
searched /etc/postgres/ and /var/lib/postgresql/8.4/main completely
and can't find it what so ever. I am not authorized to disable SSL per
DoD standards / requirements sadly.
Any thing else I am missing? I can't be the 1st person to switch SSL
certificates during utilization.
