On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote: > "with openssl" when I initially configured the server. Are there other > things that need to be done to get openssl started on the database server? > How can I diagnose this problem? > The files server.key, server.crt, root.crt, and root.crl are only examined during server start; so you must restart the server for changes in them to take effect. http://www.postgresql.org/docs/8.3/interactive/ssl-tcp.html It's been awhile since I played with this, but there's something about an environment var, PGSSLMODE. You can use openssl to verify the server/root ca correctness like this: openssl verify -CAfile ./root.crt testcert.pem assuming openssl in the mix. -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
