What do you mean by “change the ssl cert file and key” Pg_hba.conf # TYPE DATABASE USER CIDR-ADDRESS METHOD # IPv4 local & remote connections: host all all 127.0.0.1/32 trust hostssl all www-data 0.0.0.0/0 md5 clientcert=1 hostssl all postgres 0.0.0.0/0 md5 clientcert=1 # IPv6 local connections: host all all ::1/128 trust Postgresql.conf ssl = on #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers #ssl_prefer_server_ciphers = on #ssl_ecdh_curve = 'prime256v1' #ssl_dh_params_file = '' ssl_cert_file = 'server.crt' ssl_key_file = 'server.key' ssl_ca_file = 'root.crt' #ssl_crl_file = '' Thanks __ From: Bear Giles <bgiles@xxxxxxxxxxxxxx> What's in pg_hba.conf? What's in postgresql.conf? Did you remember to change the ssl cert file and key? For authentication I think you might need to set the SSL ca file as well but I'm not sure. On Mon, Aug 13, 2018 at 10:55 AM, Mark Williams <markwillimas@xxxxxxxxx> wrote:
|