Search Postgresql Archives

Re: SSL Certificates in Windows 7 & Postgres 9.3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/17/2014 10:14 PM, harpagornis wrote:

I am developing a Windows desktop application so the client is the desktop
application.  Depending on the installation, the app will be running in
single user mode, with the server and client both on only one machine, using
127.0.0.1.  In that type of installation, there is little or no reason the
server and the client cannot share configuration files.  Alternatively, the
app could be installed for multiple users on a network server.  Even in that
type of installation, is there some reason that the client should never
access server configuration files?
Yes, security. In any case for what you are trying to do the server configuration is not something the client has to fool with. 



Regarding the search_path, when I connected with psql and certificates, I
was only able to do so after I copied the certificates and keys into the
Postgres folder located in the Roaming folder, located in the AppData
folder, located in my Windows User name folder, located in the Windows
system Users folder.  I thought I read somewhere that particular folder
derives from the search_path setting.
It is important to remember that SSL is not provided by Postgres, it just has the ability to use SSL to make a connection. So it just piggybacks on an existing program. In doing that it makes certain assumptions to start with. 

For server side:

http://www.postgresql.org/docs/9.3/static/ssl-tcp.html


For libpq clients:

http://www.postgresql.org/docs/9.3/static/libpq-ssl.html
Important the above is for libpq based clients such as psql. I am not sure how non-libpq clients such as the Postgres JDBC client handle this.
The beginning assumptions can be modified by setting environment variables(again this is for libpq clients): 

http://www.postgresql.org/docs/9.3/static/libpq-envars.html

or the postgresql.conf

http://www.postgresql.org/docs/9.3/static/runtime-config-connection.html#RUNTIME-CONFIG-CONNECTION-SECURITY

For information on what search_path really does see:

http://www.postgresql.org/docs/9.3/static/runtime-config-client.html





--
View this message in context: http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5831232.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.





--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx


--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux