Simon de Hartog <simon.postgresql@dehartog.nl> writes:
> I have added all the users these applications run as to a group called
> "ssl". Permissions on the private key are owned by root, group ssl,
> protection rw-r----- (640). When I tell PostgreSQL to use this key with
> certificate (by using symlinks from server.key and server.crt in the
> postgreSQL data dir) it tells me that owner and permissions are wrong.
> How can I use this certificate and key for PostgreSQL (without copying
> the key and changing owner and permissions etc, because then the whole
> idea of centrally coordinated certificates is gone)?
You can't, and I don't see why it's a good idea to use the same key for
different server applications.
regards, tom lane