ssl certification - Mailing list pgsql-general

From Lu, Chenyang
Subject ssl certification
Date
Msg-id b03838076e95445385cbcf187f8b9dcb@G08CNEXMBPEKD04.g08.fujitsu.local
Whole thread Raw
List pgsql-general

Hi~

 

    Forgive me for not being familiar with SSL.

 

    When I try to use SSL certification function.(in postgresql9.5.22)

The service uses the following configuration

Set ssl=on in postgresql.conf

   Set ssl_cert_file=server.crt in postgresql.conf

   Set ssl_key_file=server.key in postgresql.conf

   Set ssl_ca_file=root.crt in postgresql.conf

CASE 1. Add hostssl    test             all             all             md5 in pg_hba.conf

CASE 2. Add hostssl    test             all             all             cert in pg_hba.conf

    

    In CASE 1 : use  psql -U test -d "postgresql://193.xxx.xxx.xxx/test?sslmode=verify-ca"

                I can connect normally.

    In CASE 2 : use  the same connection string

                I got "psql: FATAL:  connection requires a valid client certificate (10689)"

 

    Question:cert in pg_hba.conf means what? How can I configure the client Certificate it needs.

 

    Thanks~

 

pgsql-general by date:

Previous
From: Magnus Hagander
Date:
Subject: Re: PANIC: could not write to log file {} at offset {}, length {}: Invalid argument
Next
From: Jonathan Katz
Date:
Subject: Re: Christopher Browne