Re: "Failed to connect to Postgres database"
От | Adrian Klaver |
---|---|
Тема | Re: "Failed to connect to Postgres database" |
Дата | |
Msg-id | c6b313be-f971-1cc4-2814-05caaab17c75@aklaver.com обсуждение исходный текст |
Ответ на | Re: "Failed to connect to Postgres database" (Marco Ippolito <ippolito.marco@gmail.com>) |
Ответы |
Re: "Failed to connect to Postgres database"
|
Список | pgsql-general |
On 9/28/19 12:07 AM, Marco Ippolito wrote: > Hi Adrian, > > Il giorno ven 27 set 2019 alle ore 21:39 Adrian Klaver > <adrian.klaver@aklaver.com <mailto:adrian.klaver@aklaver.com>> ha scritto: > > On 9/27/19 11:02 AM, Marco Ippolito wrote: > > Thank you very much Adrian. > > Two things: > > > > 1) > > Why if I just specify through port the cluster and the host > connection > > I connect correctly with SSL, > > but if I specify also the database and the user it connects it > doesn't > > usel SSL connection, or at least it doesn't say it uses SSL? : > > > Can you show the contents of pg_hba.conf file for the 11/fabmnet > cluster. The file will be in: > > /etc/postgresql/11/fabmnet/ > > > > > /etc/postgresql/11/fabmnet/pg_hba.conf : > > # Database administrative login by Unix domain socket > local all postgres peer > > # TYPE DATABASE USER ADDRESS METHOD > > # "local" is for Unix domain socket connections only > local all all peer > # IPv4 local connections: > host all all 127.0.0.1/32 <http://127.0.0.1/32> > md5 > > # Allow connections from localhost only to fabmnet_ca for postgres user > hostssl fabmnet_ca postgres localhost cert > > # IPv6 local connections: > host all all ::1/128 md5 > # Allow replication connections from localhost, by a user with the > # replication privilege. > local replication all peer > host replication all 127.0.0.1/32 <http://127.0.0.1/32> > md5 > host replication all ::1/128 md5 > > fabric-ca-server-config.yaml : sslmode=require > db: > type: postgres > datasource: host=localhost port=5433 user=postgres password=1234 > dbname=fabmnet_ca sslmode=require > tls: > enabled: false > certfiles: > client: > certfile: > keyfile: You are not including the certs or setting tls.enabled: true. Not sure that is the root cause at the moment. I would try just going through psql for the time being to take the fabric server out of the loop. Something like: psql "host=localhost port=5433 dbname=fabmnet_ca user=postgres sslmode=require" From below I am guessing you do not have the SSL certs setup properly for the fabmnet Postgres instance(the one on port 5433) and/or on the client. Take a look at: https://www.postgresql.org/docs/11/libpq-ssl.html > > > (base) marco@pc:~/fabric/fabric-ca$ fabric-ca-server init -b admin:adminpw > 2019/09/28 09:00:08 [INFO] Configuration file location: > /home/marco/fabric/fabric-ca/fabric-ca-server-config.yaml > 2019/09/28 09:00:08 [INFO] Server Version: 1.4.4 > 2019/09/28 09:00:08 [INFO] Server Levels: &{Identity:2 Affiliation:1 > Certificate:1 Credential:1 RAInfo:1 Nonce:1} > 2019/09/28 09:00:08 [INFO] The CA key and certificate already exist > 2019/09/28 09:00:08 [INFO] The key is stored by BCCSP provider 'SW' > 2019/09/28 09:00:08 [INFO] The certificate is at: > /home/marco/fabric/fabric-ca/ca-cert.pem > 2019/09/28 09:00:08 [WARNING] Failed to connect to database 'fabmnet_ca' > 2019/09/28 09:00:08 [ERROR] Error occurred initializing database: Failed > to create Postgres tables: Error creating users table: pq: client > certificates can only be checked if a root certificate store is available > 2019/09/28 09:00:08 [INFO] Home directory for default CA: > /home/marco/fabric/fabric-ca > 2019/09/28 09:00:08 [INFO] Initialization was successful > > > /var/log/postgresql/postgresql-11-fabmnet.log : > > 2019-09-28 09:00:08.634 CEST [4226] postgres@fabmnet_ca FATAL: client > certificates can only be checked if a root certificate store is available > 2019-09-28 09:00:08.641 CEST [4227] postgres@postgres ERROR: database > "fabmnet_ca" already exists > 2019-09-28 09:00:08.641 CEST [4227] postgres@postgres STATEMENT: CREATE > DATABASE fabmnet_ca > 2019-09-28 09:00:08.644 CEST [4228] postgres@fabmnet_ca FATAL: client > certificates can only be checked if a root certificate store is available > 2019-09-28 09:00:08.650 CEST [4227] postgres@postgres LOG: could not > receive data from client: Connection reset by peer > -- Adrian Klaver adrian.klaver@aklaver.com
В списке pgsql-general по дате отправления:
Предыдущее
От: Andrew GierthДата:
Сообщение: Re: Possible bug: SQL function parameter in window frame definition
Следующее
От: Tom LaneДата:
Сообщение: Re: Possible bug: SQL function parameter in window frame definition