Ivan Sergio Borgonovo napisal 16.10.2008 16:29:
> Debian etch + backported postgresql
>
> I just copied pg_hba.conf from 8.1 to 8.3.
>
> on postgresql.conf
> ssl=true
> listen_addresses = '*'
>
> symlinked root.crt -> /etc/ssl/certs/ssl-cert-snakeoil.pem
As described in documentation, giving "root.crt" to server means your
clients need client certificate to connect.
> Error connecting to the server: could not open certificate file
> "/home/ivan/.postgresql/postgresql.crt": No such file or directory
It looks like you don't have client certificate.
> is there an howto to do things properly in spite of just trial and
> errors?
This one should be enough:
http://www.postgresql.org/docs/current/interactive/ssl-tcp.html
You should either provide matching client certificate or remove root.crt
from server configuration.
--
Regards,
Tomasz Myrta