Re: SSL question

Поиск
Список
Период
Сортировка
От Tino Schwarze
Тема Re: SSL question
Дата
Msg-id 20080203103833.GA25561@easy2.in-chemnitz.de
обсуждение исходный текст
Ответ на SSL question  ("Bronson, Allan B. (Mission Systems)" <Allan.Bronson@ngc.com>)
Список pgsql-admin
On Fri, Feb 01, 2008 at 09:08:23AM -0600, Bronson, Allan B. (Mission Systems) wrote:

> I am trying to create a SSl connection to PostGres using JDBC and am not
> sure if it is working.
>
> I read that you must have openssl on the client machine for the
> connection to take place.

You don't need openssl if you use JDBC since SSL-support is part of
Java and the JDBC-driver will handle the SSL stuff.

I've never used SSL connections though, so this is a bit of guessing on
my side.

> I have turned ssl = on in the config file,
> created a cert and key file and placed them in the correct directory,
> created a truststore and add the ?ssl=true to the url for the client.
> When I do all this I connect and get  data back from the db.  My
> confusion is when I read that I need openssl on the client machine to
> connect, since I can connect without openssl installed.  I do notice
> that if my truststore does not have the cert placed in it, I get an
> error saying missing certificate ( something like that ), does that mean
> ssl is working for the client and server?

I'd simply take a packet sniffer like wireshark and look at the network
traffic with and without SSL. That way you'll see what is going on and
whether it's encrypted.

HTH,

Tino.

--
www.craniosacralzentrum.de
www.spiritualdesign-chemnitz.de

Tino Schwarze * Lortzingstraße 21 * 09119 Chemnitz

В списке pgsql-admin по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: Legacy foreign keys
Следующее
От: "Peter Koczan"
Дата:
Сообщение: Re: SSL question