ok,thanks
but now, do you have any idea?
in the previuos e-mail I sent you only the server error now I send you the
server log messages at postgres startup time:
2004-07-15 14:03:40 LOG: could not load root certificate file
"/usr/local/pgsql-7.4.2/bin/../../pgsql-7.4.1/data/root.crt": No such file
or directory
DETAIL: Will not verify client certificates.
2004-07-15 14:03:40 LOG: could not create IPv6 socket: Famiglia
dell'indirizzo non gestita dal protocollo
2004-07-15 14:03:40 LOG: database system was shut down at 2004-07-15
14:03:40 CEST
2004-07-15 14:03:40 LOG: checkpoint record is at 11/F6DC6DB4
2004-07-15 14:03:40 LOG: redo record is at 11/F6DC6DB4; undo record is at
0/0; shutdown TRUE
2004-07-15 14:03:40 LOG: next transaction ID: 27829164; next OID: 45696008
2004-07-15 14:03:40 LOG: database system is ready
It doesn't find any root.crt, this is right, I think.
Thanks in advance.
RedS
----- Original Message -----
From: "Kris Jurka" <books@ejurka.com>
To: "Stefano Bonnin" <stefano.bonnin@comai.to>
Cc: <pgsql-jdbc@postgresql.org>
Sent: Thursday, July 15, 2004 3:40 PM
Subject: Re: [JDBC] SSL Problem
>
>
> On Thu, 15 Jul 2004, Stefano Bonnin wrote:
> > keytool -keystore
/usr/local/j2sdk1.4.2_04/jre/lib/security/cacerts -alias
> > postgres -import -file server.crt.der
> >
> > What I did't undestand in this steps is the following:
> >
> > keytool -keystore ... etc ...
> >
> > import the certificate in the java keystore and the JDBC driver *must*
find
> > the certificate in the keystore and download it on the client, is't
true? (I
> > dont't know if this is true) BUT if my affermation is true HOW the JDBC
> > driver (on the client) can find it in
> > /usr/local/j2sdk1.4.2_04/jre/lib/security?
>
> The certificate must be available to the client. There is no "find and
> download" going on. These instructions were likely written for the client
> on the same machine as the server so it was not emphasized that the cert
> needs to be available to the client JVM.
>
> Kris Jurka
>