Hello. > > > I'm trying to use the java keytool in place of openssl. > > > - I believe that it not possible to start the PostgreSQL server > without > > > openssl (and ssl-dev package in debian), is it correct? > > > > Yes, I don't think the java keytool works. > > Oh, the documentation defeated me twice. The server reads the openssl > configuration at start time too. > The keytool may be used only to generate the key pair and the certificate, > but it can not export the private key from its keystore. You need another > tool or to write a Java code to do that. OpenSSL has two ways to store private keys: 1. an own proprietary format 2. standard PKCS#8 The default as used in the postgresql doc is to produce the proprietary format. Don't know if PostgreSQL can handle PKCS#8 keys. If you'd like to check, here is a command to produce PKCS#8: openssl pkcs8 -in server.key -out server.p8 -topk8 Jose, writing a tutorial sounds promising. If I can be of any help, just contact me. Martin -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
