FW: PostgreSQL SSL specifying certificate paths
| От | Mark Williams |
|---|---|
| Тема | FW: PostgreSQL SSL specifying certificate paths |
| Дата | |
| Msg-id | 008d01d4ddb6$77c03aa0$6740afe0$@gmail.com обсуждение исходный текст |
| Список | pgsql-admin |
I have discovered what the problem is. Firedac is now wrapping the conninfo in single quotes before submitting it!
__
From: Mark Williams <markwillimas@gmail.com>
Sent: 18 March 2019 17:51
To: 'pgsql-admin@lists.postgresql.org' <pgsql-admin@lists.postgresql.org>
Subject: PostgreSQL SSL specifying certificate paths
I have had a problem previously connecting to PostgreSQL using Firedac. I managed to get this working, but then a recent update of Rad Studio has somehow changed the way that it passes through the cert file paths. I think this was to address an issue I raised about path delimiters being stripped away.
To overcome the problem I was specifying the paths as follows:
sslmode=verify-ca sslrootcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\root.crt sslcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.crt sslkey=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.key.
The new version of FireDac seems to be inserting escape characters itself so that it is passing through the “ConnInfo” as:
sslmode='verify-ca sslrootcert=C:\\\\ProgramData\\\\MWC\\\\Viewer\\\\Certs\\\\root.crt sslcert=C:\\\\ProgramData\\\\MWC\\\\Viewer\\\\Certs\\\\postgresql.crt sslkey=C:\\\\ProgramData\\\\MWC\\\\Viewer\\\\Certs\\\\postgresql.key'
Which is producing a Postgre error of:
ERROR: invalid sslmode value: "verify-ca sslrootcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\root.crt sslcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.crt sslkey=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.key
Naturally, I recoded so that I specified non-escaped windows paths and received the following error:
ERROR: invalid sslmode value: "verify-ca sslrootcert=C:\ProgramData\MWC\Viewer\Certs\root.crt sslcert=C:\ProgramData\MWC\Viewer\Certs\postgresql.crt sslkey=C:\ProgramData\MWC\Viewer\Certs\postgresql.key
I then tried forward slashes:
sslmode='verify-ca sslrootcert=C:/ProgramData/MWC/Viewer/Certs/root.crt sslcert=C:/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=C:/ProgramData/MWC/Viewer/Certs/postgresql.key'
And got the error:
ERROR: invalid sslmode value: "verify-ca sslrootcert=C:/ProgramData/MWC/Viewer/Certs/root.crt sslcert=C:/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=C:/ProgramData/MWC/Viewer/Certs/postgresql.key
I tried double forward slashes to no avail and then I tried Linux paths or at least what in my almost non-existent Linux experience I think is a Linus path:
sslmode='verify-ca sslrootcert=/C/ProgramData//MWC/Viewer/Certs/root.crt sslcert=/C/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=/C/ProgramData/MWC/Viewer/Certs/postgresql.key'
And got the error:
ERROR: invalid sslmode value: "verify-ca sslrootcert=/C/ProgramData//MWC/Viewer/Certs/root.crt sslcert=/C/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=/C/ProgramData/MWC/Viewer/Certs/postgresql.key
Is anybody able to show me in what format the conninfo parameter of PostgreSQL expects to receive a Windows path please?
Thanks
Mark
__
В списке pgsql-admin по дате отправления: