Home > mailing lists

Re: How to enable SSL on client - Mailing list pgsql-admin

From	reiner peterke
Subject	Re: How to enable SSL on client
Date	December 5, 2014 13:22:44
Msg-id	D39EB846-099A-4241-B459-90238DBD1DC6@drizzle.com Whole thread Raw
In response to	How to enable SSL on client ("Rajagopalan, Jayashree" <Jayashree.Rajagopalan@emc.com>)
List	pgsql-admin

Tree view

On Dec 5, 2014, at 10:37 AM, Rajagopalan, Jayashree <Jayashree.Rajagopalan@emc.com> wrote:

Hi all:

I’m on postgres 9.0.18. Want to enable SSL for the DB connections.
The binaries are build including the openssl.

I modified the postgresql.conf – for ssl=on.
Copied the server.crt in the data folder.
Modified pg_hba.conf - to add:

“hostssl all all 0.0.0.0/0 md5”

Getting the following errors in the logs when I start DB:
FATAL: no pg_hba.conf entry for host "127.0.0.1", user "myuser", database "mydb", SSL off

Can someone share the right procedure to enable SSL on client?
I’ve created ~/.posgresql directory and added the client.crt and server.key.

Regards
Jayashree

Hi Jayashree,

I was recently setting this up, if i remember correctly to get the client to use SSL, i set the PGSSLMODE environment variable to prefer or require.

Unfortunately I don’t work with that system anymore so i cannot just look at the settings.

Let me know if that helps.

Reiner

pgsql-admin by date:

From: Matthieu Lejeune
Date: 05 December 2014, 13:06:13
Subject: Problem pg_upgradecluster from 9.1 to 9.3

From: Matthieu Lejeune
Date: 05 December 2014, 13:24:33
Subject: Re: Problem pg_upgradecluster from 9.1 to 9.3

Re: How to enable SSL on client - Mailing list pgsql-admin

Previous

Next