Postgres Pro
Downloads
Home   >   mailing lists

Thread: pgAdmin 1.8.2 SSL connection woes

pgAdmin 1.8.2 SSL connection woes

From
Richard Tector
Date:
I might be missing the point here, but I can't seem to get pgAdmin to 
initiate an SSL encrypted connection to any of our PostgreSQL servers 
(mainly 8.2, some 8.3) but using password (md5) authentication.
Setting SSL to require in the connection properties for the server leads 
to "could not read certificate" or "could not read private key file" 
messages. This makes sense if I were trying to connect using client 
ceritificates for authentication but not for md5 type auth.

Any thoughts on the matter would be much appreiciated.


Kind regards,

Richard Tector


P.S. I'm not subscribed to the list, so please keep me CC'd. Thanks.

Re: pgAdmin 1.8.2 SSL connection woes

From
"Dave Page"
Date:
On Wed, Jun 18, 2008 at 5:48 PM, Richard Tector
<richardtector@thekeelecentre.com> wrote:
> I might be missing the point here, but I can't seem to get pgAdmin to
> initiate an SSL encrypted connection to any of our PostgreSQL servers
> (mainly 8.2, some 8.3) but using password (md5) authentication.
> Setting SSL to require in the connection properties for the server leads to
> "could not read certificate" or "could not read private key file" messages.
> This makes sense if I were trying to connect using client ceritificates for
> authentication but not for md5 type auth.
>
> Any thoughts on the matter would be much appreiciated.

I suspect you have a root certificate (root.crt) in your data
directory on the server. If this is found at server start, client
certificates will be requested to authenticate the client (not the
user) whenever an SSL connection is initiated. See
http://www.postgresql.org/docs/8.3/static/ssl-tcp.html for more
details.

-- 
Dave Page
EnterpriseDB UK: http://www.enterprisedb.com

Re: pgAdmin 1.8.2 SSL connection woes

From
Richard Tector
Date:
Dave Page wrote:
> On Wed, Jun 18, 2008 at 5:48 PM, Richard Tector
> <richardtector@thekeelecentre.com> wrote:
>> I might be missing the point here, but I can't seem to get pgAdmin to
>> initiate an SSL encrypted connection to any of our PostgreSQL servers
>> (mainly 8.2, some 8.3) but using password (md5) authentication.
>> Setting SSL to require in the connection properties for the server leads to
>> "could not read certificate" or "could not read private key file" messages.
>> This makes sense if I were trying to connect using client ceritificates for
>> authentication but not for md5 type auth.
>>
>> Any thoughts on the matter would be much appreiciated.
> 
> I suspect you have a root certificate (root.crt) in your data
> directory on the server. If this is found at server start, client
> certificates will be requested to authenticate the client (not the
> user) whenever an SSL connection is initiated. See
> http://www.postgresql.org/docs/8.3/static/ssl-tcp.html for more
> details.
> 

Excellent point. I'd never picked up on that.

Thanks very much, it's now working as required.

Richard