Hello.
Apologies if this is an easy one, I've been looking around but clearly
my google-fu may be weak :)
I've recently been asked to enable ssl support on one of our PostgreSQL
10 databases, which I've done. However, the certificate I was given
appears to have been generated using a passphrase, and now during server
start I'm being prompted (as expected) for that passphrase.
I'm concerned that this is going to impact the automatic (re)start of
the database after server shutdowns, crashes etc. I understand that
there is functionality to support this in PostgreSQL 11 with the
ssl_passphrase_command parameter, but I was wondering if there's a way
to emulate this in PostgreSQL 10 or any kind of workaround?
Or am I stuck with either requesting a new certificate without the
passphrase or going to PostgreSQL 11?
For information, it's a PostgreSQL 10.5 cluster hosted on a VM running
RHEL 7.6.
Many thanks!
--
Martin Goodson
In bed above we're deep asleep,
While greater love lies further deep.
This dream must end, the world must know,
We all depend on the beast below.
