On 12/15/2014 02:36 PM, harpagornis wrote:
I changed the CN in all the certificates from 127.0.0.1 "my_role", which is the user id. Now the pg_log contains this: --------------------------------------------------------------------------------------- 2014-12-15 22:28:04 GMT LOG: database system was shut down at 2014-12-15 22:28:01 GMT 2014-12-15 22:28:04 GMT LOG: database system is ready to accept connections 2014-12-15 22:28:04 GMT LOG: autovacuum launcher started 2014-12-15 22:28:05 GMT FATAL: the database system is starting up 2014-12-15 22:28:06 GMT FATAL: connection requires a valid client certificate 2014-12-15 22:28:06 GMT FATAL: no pg_hba.conf entry for host "127.0.0.1", user "SYSTEM", database "postgres", SSL off
Well something is trying to connect not using SSL. Previously you showed your pg_hba.conf as:
This is the pg_hba.conf hostssl all all 127.0.0.1/32 cert clientcert=1 hostssl all all ::1/128 cert clientcert=1 If that is all of it there is no provision for a non-SSL connection. The question then is who is "SYSTEM" user? Is it the same as my_role or is something else? Best guess is that there is a system user trying to connect in your setup.
-- View this message in context: http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5830783.html Sent from the PostgreSQL - general mailing list archive at Nabble.com.
-- Adrian Klaver adrian.klaver@xxxxxxxxxxx -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
