On Mon, December 6, 2010 00:47, Greg Smith wrote:
>
> That looks to be the str_copy routine from conf_def.c in the OpenSSL
> code, i.e. line 624 of the version at:
>
> http://code.google.com/p/commitmonitor/source/browse/trunk/common/openssl/crypto/conf/conf_def.c
>
> So guessing something in the SSL autonegotiation is failing here in
> a really unexpected way.
>
The problem was an expired pki certificate. When we first used ssl
for pg we did not have our private CA set up. So we generated a
self-signed certificate. That certificate expired this past July
and I infer that while 8.1 did not care 8.4 evidently does.
In any case, we generated a new key and had a certificate signing
request signed by our CA. We installed both as server.key and
server.crt in the pgsql/data directory with chmod 600 and chown
postgres:postgres. Setting the postgresql.conf ssl option to on and
restarting the server no longer causes any error.
Than you all for the help.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3