Re: [JDBC] can't access through SSL
От | Maz Mohammadi |
---|---|
Тема | Re: [JDBC] can't access through SSL |
Дата | |
Msg-id | 9F992F0A0D9BA04F914597F75435942D09576C50C8@MBX36.exg5.exghost.com обсуждение исходный текст |
Ответы |
Re: [JDBC] can't access through SSL
(Ray Stell <stellr@vt.edu>)
Re: [JDBC] can't access through SSL (Adrian Klaver <adrian.klaver@gmail.com>) |
Список | pgsql-general |
I still can’t access my SSL enabled server!!!
Is root.crt supposed to be an exact copy of server.crt file which I use in my client’s keystore?
I have another observation. As I start the coordinator node, I don’t see any file access to the server.key or server.crt file? Aren’t these files supposed to be read at start up time or at least when I try to make a connection from my java application?
Everything I try create a datasource on tomcat I get the follow error on client and server’s console…
FATAL: connection requires a valid client certificate.
Am I missing something?
-maz
From: pgsql-jdbc-owner@postgresql.org [mailto:pgsql-jdbc-owner@postgresql.org] On Behalf Of Maz Mohammadi
Sent: Friday, February 22, 2013 4:33 PM
To: pgsql-jdbc@postgresql.org
Subject: Re: [JDBC] can't access through SSL
Correction…
After double checking the path to java’s keystore file, and correcting it…this is the new error.
FATAL: connection requires a valid client certificate.
Any idea would be greatly appreciated.
-maz
From: Maz Mohammadi
Sent: Friday, February 22, 2013 3:51 PM
To: 'pgsql-jdbc@postgresql.org'
Subject: RE: [JDBC] can't access through SSL
Hello,
I regenerated some new keys for my postgres server. I’ve placed them under /var/lib…./coord and shared them with the datanodes as well.
After adding the certificates to the keystore for my tomcat java application, I get the following error on my server.
LOG: could not accept SSL connection: sslv3 alert certificate unkown.
I thought I had to use JDBC 3 for this.
Any ideas?
-maz
From: Maz Mohammadi
Sent: Friday, February 22, 2013 3:45 PM
To: pgsql-jdbc@postgresql.org
Subject: RE: [JDBC] can't access through SSL
Thx, one step closer.
From: Vitalii Tymchyshyn [mailto:tivv00@gmail.com]
Sent: Friday, February 22, 2013 12:56 PM
To: Maz Mohammadi
Cc: pgsql-jdbc@postgresql.org
Subject: Re: [JDBC] can't access through SSL
Try jdbc:postgresql://localhost:5432/testdb?ssl=true
2013/2/22 Maz Mohammadi <mmohammadi@pentaho.com>
Hello all,
I’m trying to access a postgres database through a java application (tomcat). This is the only entry I have in pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
hostssl all all 127.0.0.1/32 cert
and put the certicate (from /var/lib/postre…../coord/server.crt) in the cacerts under $JAVA_HOME/…….
This is my jdbc URL….
jdbc:postgresql://localhost:5432/testdb&ssl=true
But When I try to create a datasource on tomcat, I get the following error…
“Connection attempt failed: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "progres-xc", database "testdb&ssl=true", SSL off”
Any help is greatly appreciated.
-maz
--
Best regards,
Vitalii Tymchyshyn
В списке pgsql-general по дате отправления: