Thread: using SSL in psql
Hi,
How, using psql, can i connect to a PostgreSQL server that has "sslhost" in the pg_hba.conf file?
I can't find the SSL option in the manpage.
thx,
WBL
How, using psql, can i connect to a PostgreSQL server that has "sslhost" in the pg_hba.conf file?
I can't find the SSL option in the manpage.
thx,
WBL
Willy-Bas Loos wrote: > Hi, > > How, using psql, can i connect to a PostgreSQL server that has > "sslhost" in the pg_hba.conf file? > I can't find the SSL option in the manpage. > > thx, > > WBL Make sure both your server and client have ssl support compiled in. I'm not sure if that's there by default with the provided binaries, but if you compiled your own, you specified --with-openssl. Checking pg_config will be helpful here. Make sure your server is really configured to provide SSL support. ssl=on in the postgresql.conf, and be sure to have at least server.key and server.crt (and optionally your root.crt and root.crl). Make sure to ask for an ssl connection, especially if you have both ssl and non-ssl options in the pg_hba.conf. Use the environment variable PGSSLMODE=require to force the issue and test with psql. If successful, you will see a line similar to this above the ready prompt: [Usual welcome banner snipped] SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256) yourdb=> Alternatively, the only programmatic way to tell that I know if is the pgsslinfo contrib module, where you can install the function ssl_is_used() in your db. Manual re: server setup for SSL: http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html Useful environment variables for the client: http://www.postgresql.org/docs/current/static/libpq-envars.html Regards, Paul