Re: PostgreSQL 9.3.5 - Enable SSL - Mailing list pgsql-admin
From | Venkata Balaji N |
---|---|
Subject | Re: PostgreSQL 9.3.5 - Enable SSL |
Date | |
Msg-id | CAEyp7J8_yALC2VMZSWmB=QH6JoFJzHif7t0zcvhhuO7FKUGqLA@mail.gmail.com Whole thread Raw |
In response to | PostgreSQL 9.3.5 - Enable SSL (<shyamkant.dhamke@wipro.com>) |
List | pgsql-admin |
Please let me know if I have existing non-ssl setup how I can migrate it to SSL enabled setup?
Also let me know in case streaming replication is on with non-SSL , do I need to follow same steps to enable SSL for replication server?
Sent: 21 February, 2016 3:29 PM
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.comTo: Shyamkant Dhamke (BAS) <shyamkant.dhamke@wipro.com>
Cc: scott.marlowe@gmail.com; drum.lucas@gmail.com; pgsql-admin <pgsql-admin@postgresql.org>
Subject: Re: [ADMIN] PostgreSQL 9.3.5 - Enable SSL
On Fri, Feb 19, 2016 at 5:28 PM, <shyamkant.dhamke@wipro.com> wrote:
Hello All,
I need help on following.
Current Setup -
We have PostgreSQL 9.3.5 running on RedHAT Linux 6 without SSL enabled & have database of size 150 GB & we have C & .Net application connecting to the database.
Changes required in current Setup
We need to enable SSL on PGSQL 9.3.5 . Please let me know the steps to be performed so that I can enable SSL & use existing database.
You need to have OpenSSL software installed on the database server. If not you can use yum install to install openssl software or can download the appropriate openssl version from the below link -
PostgreSQL needs to be compiled with "--with-openssl" option. Following link has the required information to generate certificate and key files post which you need to configure ssl* parameters in postgresql.conf file -
Also what is required for applications (C & .net) to connect to database.
"hostssl" entry needs to be made in the pg_hba.conf file for the application servers intending connect to PostgreSQL cluster in SSL mode. I believe you must be using npgsql driver to connect to PostgreSQL, you need to configure npgsql driver to send ssl mode connections to postgresql. By default SSL mode is "off" for npgsql driver. Please refer to the below link.
Regards,
Venkata B N
Fujitsu Australia
pgsql-admin by date: