On Fri, Feb 01, 2008 at 09:08:23AM -0600, Bronson, Allan B. (Mission Systems) wrote: > I am trying to create a SSl connection to PostGres using JDBC and am not > sure if it is working. > > I read that you must have openssl on the client machine for the > connection to take place. You don't need openssl if you use JDBC since SSL-support is part of Java and the JDBC-driver will handle the SSL stuff. I've never used SSL connections though, so this is a bit of guessing on my side. > I have turned ssl = on in the config file, > created a cert and key file and placed them in the correct directory, > created a truststore and add the ?ssl=true to the url for the client. > When I do all this I connect and get data back from the db. My > confusion is when I read that I need openssl on the client machine to > connect, since I can connect without openssl installed. I do notice > that if my truststore does not have the cert placed in it, I get an > error saying missing certificate ( something like that ), does that mean > ssl is working for the client and server? I'd simply take a packet sniffer like wireshark and look at the network traffic with and without SSL. That way you'll see what is going on and whether it's encrypted. HTH, Tino. -- www.craniosacralzentrum.de www.spiritualdesign-chemnitz.de Tino Schwarze * Lortzingstraße 21 * 09119 Chemnitz ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster
