On Mon, 05 Dec 2011 08:28:33 +0800, Craig Ringer wrote:
> You don't need the SecurityManager enabled. You need the java.net.ssl
> properties for keyStore, keyStorePassword and keyStoreType set to point
> to your JECKS keystore, and need trustStore, trustStorePassword and
> trustStoreType set to point to the keystore you imported the database's
> certificate into, which is probably the same store in your case.
<snip option 2>
Thanks for the guidance, Craig. I'm trying to use javax.net.ssl but I'm
still stuck. Sample below:
-------------------------------------------------------------
$ java -Djavax.net.ssl.keyStore=$HOME/.postgresql/clientstore \
-Djavax.net.ssl.keyStorePassword=changeit \
-Djavax.net.ssl.keyStoreType="jks" \
-Djavax.net.ssl.trustStore=$JAVA_HOME/lib/security/cacerts \
-Djavax.net.ssl.trustStorePassword=changeit \
-Djavax.net.ssl.trustStoreType="jks" \
JDBCExample neptune misc
-------- PostgreSQL JDBC Connection Testing ------------
PostgreSQL JDBC driver registered
Getting connection to jdbc:postgresql://neptune/misc
Connect failed: FATAL: connection requires a valid client certificate
-------------------------------------------------------------
Any idea what I am doing wrong?
Thanks.
