Thread: error on launching postgres in ssl mode

error on launching postgres in ssl mode

From
"Luca Stancapiano"
Date:
hello.....I've created the server.key and server.crt in this manner:

openssl req -new -nodes -keyout server.key -out server.csr

openssl req -key /home/data/server.key -in /home/data/server.csr -out
server.crt

then:

chmod 700 /home/data/server.key /home/data/server.crt

chown postgres:postgres /home/data/server.key /home/data/server.crt

and I put theese in my data home.

I launch postgres in this manner:

postmaster -il -p '$PGPORT' -D '$PGDATA_LOCAL' ${PGOPTS} &

when I launch it I have this error:

FATAL:  could not load server certificate file "/home/data/server.crt": no
start line


why?

Re: error on launching postgres in ssl mode

From
Tom Lane
Date:
"Luca Stancapiano" <l.stancapiano@k-tech.it> writes:
> hello.....I've created the server.key and server.crt in this manner:
> openssl req -new -nodes -keyout server.key -out server.csr

> openssl req -key /home/data/server.key -in /home/data/server.csr -out
> server.crt

> ...

> when I launch it I have this error:

> FATAL:  could not load server certificate file "/home/data/server.crt": no
> start line

> why?

You're asking the wrong people: you should be asking some SSL experts.

All I can say about the above process is that it doesn't match the
example key creation process given in our documentation.  I suppose
you have messed up the "openssl req" steps but I don't know just how.

            regards, tom lane