Re: FW: Setting up SSL for postgre

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hallo Mark,

in your pg_hha.conf you have used

      cert

as authentication,
which is authorization using a certificate
(not a password)
(as mailed before with documentation links)

did you test pgadmin and firedac from the same client machine?

hth,
Wim        
________________________________________
Van: Mark Williams <markwillimas@xxxxxxxxx>
Verzonden: dinsdag 28 augustus 2018 20:52
Aan: 'Tim Cross'
CC: pgsql-admin@xxxxxxxxxxxxxxxxxxxx; s.dunand@xxxxxxxx; Wim Bertels
Onderwerp: RE: FW: Setting up SSL for postgre

Hi Tim,

Thanks for the reply.

Unfortunately, I don't know what private certificate authorisation is. I
assume this is different to SSL and is not the same as a self signed cert. I
have created my certificate with OpenSSL so I assume I am not in the arena
of private certificate authorisation.

Thanks for the tip re Debian, but sadly client and server are all Windows
machines.

I think I will put a plea out there to anyone who uses FireDAC and has
managed to get SSL working with Postgre. Absent anything useful there, I
will give up on Postgre.

All the best.

Mark

__

-----Original Message-----
From: Tim Cross <theophilusx@xxxxxxxxx>
Sent: 27 August 2018 23:05
To: Mark Williams <markwillimas@xxxxxxxxx>
Cc: pgsql-admin@xxxxxxxxxxxxxxxxxxxx; s.dunand@xxxxxxxx
Subject: Re: FW: Setting up SSL for postgre


Mark Williams <markwillimas@xxxxxxxxx> writes:

>
>
>
>
> __
>
>
>
> From: Mark Williams <markwillimas@xxxxxxxxx>
> Sent: 25 August 2018 18:14
> To: 'Wim Bertels' <wim.bertels@xxxxxxx>
> Subject: RE: Setting up SSL for postgre
>
>
>
> Hi Wim,
>
>
>
> I don't understand. If I don't include the password option, the
> connection will be refused because I have not included it.
>
>
>
> I am connecting via PGAdmin with the same user ie postgres.
>

I suspect Wim was referring to private certificate authentication rather
than connections over SSL - use the same basic technologies, but for
different goals.

While it may or may not be useful, I believe that recent versions of Debian
actually come with SSL connections enabled by default (using self signed
cert). Might provide the example you need?

Tim

--
Tim Cross
[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux