The owner of these new files needs to be the same as that of your Pg data dir in
general or postgresql.conf specifically, and that owner be the same as the
process that runs the Pg server. Are you running Pg as root? (In any event,
you should have another user; running programs or servers as root when they
don't need root powers is generally a bad idea.) -- Darren Duncan
Mike Christensen wrote:
Hi, I'm trying to require SSL for Postgres connections from certain
IPs.. This is on Postgres 9.0.
First, I've followed the directions at:
http://www.postgresql.org/docs/9.0/static/ssl-tcp.html
I've created the files server.crt and server.key. I've also removed
the passphrase from the key so Postgres can start automatically.
Finally, I ran:
chmod 0600 server.key
The permissions on server.key are now:
-rw------- 1 root root 887 Oct 10 03:42 server.key
However, when I set ssl = on in postgresql.conf and start the server,
I get the logged error:
2010-10-10 03:47:07 UTC FATAL: could not load private key file
"server.key": Permission denied
I'm logged on as root. Any ideas? Thanks!
Mike
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
