On Fri, 2017-12-08 at 07:40 -0500, chiru r wrote:
> We are using LDAP authentication for authenticating users in
> PostgreSQL on Linux server and we are able to authenticate
> successfully.
Then one presumes you are using PAM (?) for password authentication -
this question is really about pam_ldap, it is not specific to
PostgreSQL in any way.
> Please help me i have couple of questions to configuring LDAPS.
> 1. Which location we need to keep the LDAPs Certificate files in
> PostgreSQL Linux server ?.
> 2. Do we need to change any configuration file for certificate
> references on Linux server ? .
The server should be configured to recognize certificates signed by
whatever authority you are using - where they go to do that depends on
your distribution. Usually that involves putting the signing
certificate somewhere like /usr/share/pki/ca-trust-source/anchors/ and
running "update-ca-trust". If your server already recognizes your CA
you don't need to do anything other than changing PAM to use LDAPS.
> 2. What need to be changed in Postgresql.conf file and pg_hba.conf
> file ?
Nothing, PostgreSQL just calls the PAM library. It does not care what
happens beneath that.
--
Meetings Coordinator, Michigan Association of Railroad Passengers
537 Shirley St NE Grand Rapids, MI 49503-1754 Phone: 616.581.8010
E-mail: awilliam@whitemice.org GPG#D95ED383 Web: http://www.marp.org