Re: ssl database connection problems...

Поиск
Список
Период
Сортировка
От Carol Walter
Тема Re: ssl database connection problems...
Дата
Msg-id 4D15E432-79CD-4D0E-ACDD-BC1ABCC5BAFD@indiana.edu
обсуждение исходный текст
Ответ на Re: ssl database connection problems...  (Ray Stell <stellr@cns.vt.edu>)
Ответы Re: ssl database connection problems...  (Ray Stell <stellr@cns.vt.edu>)
Список pgsql-admin
Thanks to all of you.  Many of my problems have been fixed.  My
"listening_addresses" was not set correctly.  After I fixed that
problem, I started getting an SSL error.  I'm now getting this error
as follows:

walterc@fac-staff:~$ psql -U walterc -d walterc -h db -p 5433
psql: SSL SYSCALL error: EOF detected

I've poked around a lot in my system.  OpenSSL is telling me that ssl
is not properly configured.  I don't know if the error is accurate of
it's describing differences between its configuration and Postgres'.
Since ssl on my database box has never been used, there's a very good
chance it's not configured properly.  I've decided the best tact would
be to get a new version of OpenSSL.  The most current version on the
Sun Freeware site, is 0.9.8i.
Are there any issues with compatibility that I should know about.

I'm running Solaris 10 and version 8.3.4 of postgres.

Thanks,

Carol
On Dec 29, 2008, at 9:36 PM, Ray Stell wrote:

> On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote:
>> "with openssl" when I initially configured the server.  Are there
>> other
>> things that need to be done to get openssl started on the database
>> server?
>> How can I diagnose this problem?
>>
>
> The files server.key, server.crt, root.crt, and root.crl are only
> examined
> during server start; so you must restart the server for changes in
> them
> to take effect.
>
> http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html
>
> It's been awhile since I played with this, but there's something
> about an
> environment var, PGSSLMODE.
>
> You can use openssl to verify the server/root ca correctness like
> this:
>
> openssl  verify -CAfile ./root.crt testcert.pem
>
> assuming openssl in the mix.
>
> --
> Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-admin


В списке pgsql-admin по дате отправления:

Предыдущее
От: "Scott Marlowe"
Дата:
Сообщение: Re: postgres block_size problem
Следующее
От: Ray Stell
Дата:
Сообщение: Re: ssl database connection problems...