Обсуждение: Beginner's Question: No pg_hba.conf entry for host...SSL Off
Hi All-
I am hoping for some help on this one... we are in the process of
implementing our program with SSL enabled on the Postgres side of things. I
can start and connect to the database from the command line ok using my
current configuration:
C:\msys\1.0\local\pgsql\bin>psql -d apt -U postgres
Welcome to psql 8.0.8, the PostgreSQL interactive terminal.
Type: \copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
Warning: Console code page (437) differs from Windows code page (1252)
8-bit characters may not work correctly. See psql reference
page "Notes for Windows users" for details.
apt=#
However, when I try to run our application to and connect to the database, I
am receiving the following error: Connection rejected: FATAL: no pg_hba.conf
entry for host "127.0.0.1", user "postgres", database "apt", SSL off.
Here is my pg_hba.conf file:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# IPv4 local connections:
#host all all 127.0.0.1/32 trust
# IPv6 local connections:
hostssl all all 127.0.0.1/32 trust
I'm assuming that I have to put some code in my program to enable this
connection besides just putting it in the conf file...but where exactly
would this go? Below is an excerpt of our connection code:
public class DatabaseConnection {
private static String DB_IP;
private static final String DB_PORT = "5432";
private static String DB_CATALOG = "apt";
private static final String DB_USER = "postgres";
private static final String DB_PASSWORD = "XXXX";
public static void initIPAddress(String address){
DB_IP = address;
}
public static void initCatalog(String catalog){
DB_CATALOG = catalog;
}
public static Connection initialize() throws SQLException
{
final Connection connection;
Properties prop = new Properties();
String url;
try{
Class.forName("org.postgresql.Driver");
//url = "jdbc:postgresql://64.34.162.40:5432/apt";
url = "jdbc:postgresql://" + DB_IP + ":" + DB_PORT + "/" +
DB_CATALOG;
//prop.setProperty("user","postgres");
//prop.setProperty("password", "XXXX");
prop.setProperty("user", DB_USER);
prop.setProperty("password", DB_PASSWORD);
connection = DriverManager.getConnection(url, prop);
connection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
if(connection == null){
throw new Exception();
}
Thread maintainConn = new Thread(new Runnable(){
public void run(){
while(connection != null){
try{
maintainConnection(connection);
//10 minutes
Thread.sleep(600000);
}
catch(InterruptedException ie){}
}
}
});
maintainConn.setDaemon(true);
maintainConn.start();
}
catch(ClassNotFoundException cnf){
throw new SQLException(cnf.getMessage());
}
catch(Exception e){
throw new SQLException(e.getMessage());
}
return connection;
}
Thanks in advance for your time and help. As always, this mailing list is
the best!!
-Jeanna
On 9/26/06, Jeanna Geier <jgeier@apt-cafm.com> wrote:
> Hi All-
>
> I am hoping for some help on this one... we are in the process of
> implementing our program with SSL enabled on the Postgres side of things. I
> can start and connect to the database from the command line ok using my
> current configuration:
>
> C:\msys\1.0\local\pgsql\bin>psql -d apt -U postgres
> Welcome to psql 8.0.8, the PostgreSQL interactive terminal.
>
> Type: \copyright for distribution terms
> \h for help with SQL commands
> \? for help with psql commands
> \g or terminate with semicolon to execute query
> \q to quit
>
> SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
>
> Warning: Console code page (437) differs from Windows code page (1252)
> 8-bit characters may not work correctly. See psql reference
> page "Notes for Windows users" for details.
>
> apt=#
>
> However, when I try to run our application to and connect to the database, I
> am receiving the following error: Connection rejected: FATAL: no pg_hba.conf
> entry for host "127.0.0.1", user "postgres", database "apt", SSL off.
>
> Here is my pg_hba.conf file:
>
> # TYPE DATABASE USER CIDR-ADDRESS METHOD
> # IPv4 local connections:
> #host all all 127.0.0.1/32 trust
> # IPv6 local connections:
> hostssl all all 127.0.0.1/32 trust
>
> I'm assuming that I have to put some code in my program to enable this
> connection besides just putting it in the conf file...but where exactly
> would this go? Below is an excerpt of our connection code:
>
> public class DatabaseConnection {
> private static String DB_IP;
>
> private static final String DB_PORT = "5432";
> private static String DB_CATALOG = "apt";
> private static final String DB_USER = "postgres";
> private static final String DB_PASSWORD = "XXXX";
>
> public static void initIPAddress(String address){
> DB_IP = address;
> }
>
> public static void initCatalog(String catalog){
> DB_CATALOG = catalog;
> }
>
> public static Connection initialize() throws SQLException
> {
> final Connection connection;
> Properties prop = new Properties();
> String url;
>
> try{
> Class.forName("org.postgresql.Driver");
>
> //url = "jdbc:postgresql://64.34.162.40:5432/apt";
> url = "jdbc:postgresql://" + DB_IP + ":" + DB_PORT + "/" +
> DB_CATALOG;
>
> //prop.setProperty("user","postgres");
> //prop.setProperty("password", "XXXX");
> prop.setProperty("user", DB_USER);
> prop.setProperty("password", DB_PASSWORD);
Hi, Jeanna... I'm not a java programmer, but it looks like you could use
props.setProperty("ssl","true");
as seen in postgresql jdbc documentation:
http://jdbc.postgresql.org/documentation/80/connect.html
Regards.
Jeanna Geier написа:
[...]
>
> //prop.setProperty("user","postgres");
> //prop.setProperty("password", "XXXX");
> prop.setProperty("user", DB_USER);
> prop.setProperty("password", DB_PASSWORD);
props.setProperty("ssl","true"); ?
>
> connection = DriverManager.getConnection(url, prop);
>
> connection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
>
[...]
--
Milen A. Radev
Hi and thanks so much for the replies!!
I had perused that doc and google prior to posting and didn't have any luck;
what I tried was the following:
added:
private static final String DB_SSL_STATUS = "true";
&
prop.setProperty("ssl", DB_SSL_STATUS);
...
public class DatabaseConnection {
private static String DB_IP;
private static final String DB_PORT = "5432";
private static String DB_CATALOG = "apt";
private static final String DB_USER = "postgres";
private static final String DB_PASSWORD = "XXXX";
private static final String DB_SSL_STATUS = "true";
public static void initIPAddress(String address){
DB_IP = address;
}
public static void initCatalog(String catalog){
DB_CATALOG = catalog;
public static Connection initialize() throws SQLException
{
final Connection connection;
Properties prop = new Properties();
String url;
try{
Class.forName("org.postgresql.Driver");
//url = "jdbc:postgresql://64.34.162.40:5432/apt";
url = "jdbc:postgresql://" + DB_IP + ":" + DB_PORT + "/" +
DB_CATALOG;
//prop.setProperty("user","postgres");
//prop.setProperty("password", "XXXX");
//prop.setProperty("ssl", "true");
prop.setProperty("user", DB_USER);
prop.setProperty("password", DB_PASSWORD);
prop.setProperty("ssl", DB_SSL_STATUS);
connection = DriverManager.getConnection(url, prop);
connection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
if(connection == null){
throw new Exception();
}
Thread maintainConn = new Thread(new Runnable(){
public void run(){
while(connection != null){
try{
maintainConnection(connection);
//10 minutes
Thread.sleep(600000);
}
catch(InterruptedException ie){}
}
}
});
maintainConn.setDaemon(true);
maintainConn.start();
}
catch(ClassNotFoundException cnf){
throw new SQLException(cnf.getMessage());
}
catch(Exception e){
throw new SQLException(e.getMessage());
}
return connection;
}
However, when I do that, it's throwing an exception from: connection =
DriverManager.getConnection(url, prop);
and I'm getting an error message that says: "The connection attempt failed."
Any other ideas?
Much thanks, as always.
-Jeanna
----- Original Message -----
From: "Juan Miguel Paredes" <juan.paredes@gmail.com>
To: "Jeanna Geier" <jgeier@apt-cafm.com>
Cc: <pgsql-admin@postgresql.org>
Sent: Tuesday, September 26, 2006 8:34 AM
Subject: Re: [ADMIN] Beginner's Question: No pg_hba.conf entry for
host...SSL Off
> On 9/26/06, Jeanna Geier <jgeier@apt-cafm.com> wrote:
>> Hi All-
>>
>> I am hoping for some help on this one... we are in the process of
>> implementing our program with SSL enabled on the Postgres side of things.
>> I
>> can start and connect to the database from the command line ok using my
>> current configuration:
>>
>> C:\msys\1.0\local\pgsql\bin>psql -d apt -U postgres
>> Welcome to psql 8.0.8, the PostgreSQL interactive terminal.
>>
>> Type: \copyright for distribution terms
>> \h for help with SQL commands
>> \? for help with psql commands
>> \g or terminate with semicolon to execute query
>> \q to quit
>>
>> SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
>>
>> Warning: Console code page (437) differs from Windows code page (1252)
>> 8-bit characters may not work correctly. See psql reference
>> page "Notes for Windows users" for details.
>>
>> apt=#
>>
>> However, when I try to run our application to and connect to the
>> database, I
>> am receiving the following error: Connection rejected: FATAL: no
>> pg_hba.conf
>> entry for host "127.0.0.1", user "postgres", database "apt", SSL off.
>>
>> Here is my pg_hba.conf file:
>>
>> # TYPE DATABASE USER CIDR-ADDRESS METHOD
>> # IPv4 local connections:
>> #host all all 127.0.0.1/32 trust
>> # IPv6 local connections:
>> hostssl all all 127.0.0.1/32 trust
>>
>> I'm assuming that I have to put some code in my program to enable this
>> connection besides just putting it in the conf file...but where exactly
>> would this go? Below is an excerpt of our connection code:
>>
>> public class DatabaseConnection {
>> private static String DB_IP;
>>
>> private static final String DB_PORT = "5432";
>> private static String DB_CATALOG = "apt";
>> private static final String DB_USER = "postgres";
>> private static final String DB_PASSWORD = "XXXX";
>>
>> public static void initIPAddress(String address){
>> DB_IP = address;
>> }
>>
>> public static void initCatalog(String catalog){
>> DB_CATALOG = catalog;
>> }
>>
>> public static Connection initialize() throws SQLException
>> {
>> final Connection connection;
>> Properties prop = new Properties();
>> String url;
>>
>> try{
>> Class.forName("org.postgresql.Driver");
>>
>> //url = "jdbc:postgresql://64.34.162.40:5432/apt";
>> url = "jdbc:postgresql://" + DB_IP + ":" + DB_PORT + "/" +
>> DB_CATALOG;
>>
>> //prop.setProperty("user","postgres");
>> //prop.setProperty("password", "XXXX");
>> prop.setProperty("user", DB_USER);
>> prop.setProperty("password", DB_PASSWORD);
>
> Hi, Jeanna... I'm not a java programmer, but it looks like you could use
>
> props.setProperty("ssl","true");
>
> as seen in postgresql jdbc documentation:
>
> http://jdbc.postgresql.org/documentation/80/connect.html
>
> Regards.
>
On 9/26/06, Jeanna Geier <jgeier@apt-cafm.com> wrote:
> Hi and thanks so much for the replies!!
>
> I had perused that doc and google prior to posting and didn't have any luck;
> what I tried was the following:
>
> added:
> private static final String DB_SSL_STATUS = "true";
> &
> prop.setProperty("ssl", DB_SSL_STATUS);
>
> ...
> public class DatabaseConnection {
> private static String DB_IP;
>
> private static final String DB_PORT = "5432";
> private static String DB_CATALOG = "apt";
> private static final String DB_USER = "postgres";
> private static final String DB_PASSWORD = "XXXX";
> private static final String DB_SSL_STATUS = "true";
>
> public static void initIPAddress(String address){
> DB_IP = address;
> }
>
> public static void initCatalog(String catalog){
> DB_CATALOG = catalog;
> public static Connection initialize() throws SQLException
> {
> final Connection connection;
> Properties prop = new Properties();
> String url;
>
> try{
> Class.forName("org.postgresql.Driver");
>
> //url = "jdbc:postgresql://64.34.162.40:5432/apt";
> url = "jdbc:postgresql://" + DB_IP + ":" + DB_PORT + "/" +
> DB_CATALOG;
>
> //prop.setProperty("user","postgres");
> //prop.setProperty("password", "XXXX");
> //prop.setProperty("ssl", "true");
> prop.setProperty("user", DB_USER);
> prop.setProperty("password", DB_PASSWORD);
> prop.setProperty("ssl", DB_SSL_STATUS);
>
> connection = DriverManager.getConnection(url, prop);
> connection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
>
> if(connection == null){
> throw new Exception();
> }
>
> Thread maintainConn = new Thread(new Runnable(){
> public void run(){
> while(connection != null){
> try{
> maintainConnection(connection);
> //10 minutes
> Thread.sleep(600000);
> }
> catch(InterruptedException ie){}
> }
> }
> });
> maintainConn.setDaemon(true);
> maintainConn.start();
> }
> catch(ClassNotFoundException cnf){
> throw new SQLException(cnf.getMessage());
> }
> catch(Exception e){
> throw new SQLException(e.getMessage());
> }
>
> return connection;
> }
>
>
> However, when I do that, it's throwing an exception from: connection =
> DriverManager.getConnection(url, prop);
> and I'm getting an error message that says: "The connection attempt failed."
>
> Any other ideas?
>
> Much thanks, as always.
> -Jeanna
Hi, Jeanna.
Maybe an stack-trace of your error, when trying the ssl connection
could be useful. Also, as noted in
http://jdbc.postgresql.org/documentation/80/ssl-client.html
perhaps other jdbc client configuration is missing or not available on
your environment.
Just guessing... maybe you could try importing your server's
certificate into client keystore or disabling SSL certificate
validation (probably you're using a self-signed certificate)
"Juan Miguel Paredes" <juan.paredes@gmail.com> writes: > Maybe an stack-trace of your error, when trying the ssl connection > could be useful. Also, as noted in > http://jdbc.postgresql.org/documentation/80/ssl-client.html > perhaps other jdbc client configuration is missing or not available on > your environment. I think this boils down to a "how do I configure SSL in the Java environment" question. I recall seeing some stuff about a Java-specific keystore concept but don't remember details. The pgsql-jdbc list is probably a better place to ask for help about it. regards, tom lane
OK, thanks, Tom. I'll post to that list and see what they can do for me. -Jeanna ----- Original Message ----- From: "Tom Lane" <tgl@sss.pgh.pa.us> To: "Juan Miguel Paredes" <juan.paredes@gmail.com> Cc: "Jeanna Geier" <jgeier@apt-cafm.com>; <pgsql-admin@postgresql.org> Sent: Tuesday, September 26, 2006 10:31 AM Subject: Re: [ADMIN] Beginner's Question: No pg_hba.conf entry for host...SSL Off > "Juan Miguel Paredes" <juan.paredes@gmail.com> writes: >> Maybe an stack-trace of your error, when trying the ssl connection >> could be useful. Also, as noted in >> http://jdbc.postgresql.org/documentation/80/ssl-client.html >> perhaps other jdbc client configuration is missing or not available on >> your environment. > > I think this boils down to a "how do I configure SSL in the Java > environment" question. I recall seeing some stuff about a Java-specific > keystore concept but don't remember details. > > The pgsql-jdbc list is probably a better place to ask for help about it. > > regards, tom lane >