On Fri, 2017-12-08 at 07:40 -0500, chiru r wrote: > We are using LDAP authentication for authenticating users in > PostgreSQL on Linux server and we are able to authenticate > successfully. Then one presumes you are using PAM (?) for password authentication - this question is really about pam_ldap, it is not specific to PostgreSQL in any way. > Please help me i have couple of questions to configuring LDAPS. > 1. Which location we need to keep the LDAPs Certificate files in > PostgreSQL Linux server ?. > 2. Do we need to change any configuration file for certificate > references on Linux server ? . The server should be configured to recognize certificates signed by whatever authority you are using - where they go to do that depends on your distribution. Usually that involves putting the signing certificate somewhere like /usr/share/pki/ca-trust-source/anchors/ and running "update-ca-trust". If your server already recognizes your CA you don't need to do anything other than changing PAM to use LDAPS. > 2. What need to be changed in Postgresql.conf file and pg_hba.conf > file ? Nothing, PostgreSQL just calls the PAM library. It does not care what happens beneath that. -- Meetings Coordinator, Michigan Association of Railroad Passengers 537 Shirley St NE Grand Rapids, MI 49503-1754 Phone: 616.581.8010 E-mail: awilliam@xxxxxxxxxxxxx GPG#D95ED383 Web: http://www.marp.org
