FW: PostgreSQL SSL specifying certificate paths

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I have discovered what the problem is. Firedac is now wrapping the conninfo in single quotes before submitting it!

 

__

 

From: Mark Williams <markwillimas@xxxxxxxxx>
Sent: 18 March 2019 17:51
To: 'pgsql-admin@xxxxxxxxxxxxxxxxxxxx' <pgsql-admin@xxxxxxxxxxxxxxxxxxxx>
Subject: PostgreSQL SSL specifying certificate paths

 

I have had a problem previously connecting to PostgreSQL using Firedac. I managed to get this working, but then a recent update of Rad Studio has somehow changed the way that it passes through the cert file paths. I think this was to address an issue I raised about path delimiters being stripped away.

 

To overcome the problem I was specifying the paths as follows:

 

sslmode=verify-ca sslrootcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\root.crt sslcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.crt sslkey=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.key.

 

The new version of FireDac seems to be inserting escape characters itself so that it is passing through the “ConnInfo” as:

 

sslmode='verify-ca sslrootcert=C:\\\\ProgramData\\\\MWC\\\\Viewer\\\\Certs\\\\root.crt sslcert=C:\\\\ProgramData\\\\MWC\\\\Viewer\\\\Certs\\\\postgresql.crt sslkey=C:\\\\ProgramData\\\\MWC\\\\Viewer\\\\Certs\\\\postgresql.key'

 

Which is producing a Postgre error of:

 

ERROR: invalid sslmode value: "verify-ca sslrootcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\root.crt sslcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.crt sslkey=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.key

 

Naturally, I recoded so that I specified non-escaped windows paths and received the following error:

 

ERROR: invalid sslmode value: "verify-ca sslrootcert=C:\ProgramData\MWC\Viewer\Certs\root.crt sslcert=C:\ProgramData\MWC\Viewer\Certs\postgresql.crt sslkey=C:\ProgramData\MWC\Viewer\Certs\postgresql.key

 

I then tried forward slashes:

 

sslmode='verify-ca sslrootcert=C:/ProgramData/MWC/Viewer/Certs/root.crt sslcert=C:/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=C:/ProgramData/MWC/Viewer/Certs/postgresql.key'

 

And got the error:

 

ERROR: invalid sslmode value: "verify-ca sslrootcert=C:/ProgramData/MWC/Viewer/Certs/root.crt sslcert=C:/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=C:/ProgramData/MWC/Viewer/Certs/postgresql.key

 

I tried double forward slashes to no avail and then I tried Linux paths or at least what in my almost non-existent Linux experience I think is a Linus path:

 

sslmode='verify-ca sslrootcert=/C/ProgramData//MWC/Viewer/Certs/root.crt sslcert=/C/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=/C/ProgramData/MWC/Viewer/Certs/postgresql.key'

 

And got the error:

 

ERROR: invalid sslmode value: "verify-ca sslrootcert=/C/ProgramData//MWC/Viewer/Certs/root.crt sslcert=/C/ProgramData/MWC/Viewer/Certs/postgresql.crt sslkey=/C/ProgramData/MWC/Viewer/Certs/postgresql.key

 

Is anybody able to show me in what format the conninfo parameter of PostgreSQL expects to receive a Windows path please?

 

Thanks

 

Mark

 

 

__

 


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux