
Re: Verifying SSL Certificate on the Client Side


Atkins-Trimnell, Angus Black wrote:
> Hello,
> 
> I am trying to harden my application against man-in-the-middle attacks. 
> The application, written in PHP, communicates with the PostgreSQL server
> using the usual pg_* functions built on the libpq library.  I have the
> proper postgresql.key and postgresql.crt files installed on the Web server
> (PostgreSQL client) and the server.key, server.crt and root.crt files
> installed on the PostgreSQL server.  My understanding is that when PHP
> issues a pg_connect() function, libpq supplies the client certificate to
> the PostgreSQL server and the PostgreSQL server checks the signature on
> the certificate against the signature of the trusted CA in root.crt.  If
> they match, it's go time!
> 
> My concern is that an attacker could impersonate the PostgreSQL server,
> intercept the initial pg_connect() request, submit its own certificate to
> the client and steal the log in credentials.  Is this possible and, if so,
> is there a way for PHP, through libpq, to check the certificate supplied
> by the server to determine that it is submitted by a trusted CA?
> 
> I have submitted the same question to the PHP-DB mailing list, but a
> respondent said that this would be handled by PostgreSQL not PHP.  Of
> course, since I'm writing my code in PHP, I'm hoping to be able to handle
> this in the PHP code.

I think you need to read the Postgres 8.3 docs on the subject:

	http://www.postgresql.org/docs/8.3/static/ssl-tcp.html
	http://www.postgresql.org/docs/8.3/static/libpq-ssl.html

-- 
  Bruce Momjian  <bruce@xxxxxxxxxx>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +
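
An added example, not part of the thread or of the documentation it links: one way for the PHP side to have libpq check the server's certificate against a trusted CA before credentials are sent. It assumes a libpq that supports the `sslmode=verify-full` and `sslrootcert` connection parameters, which arrived after the 8.3 release linked above; the host, database, user, CA path and helper function names are hypothetical.

```php
<?php
// Added example: helper names, host and paths are hypothetical.

/** Quote one value for a libpq conninfo string (escape backslash and quote). */
function conninfo_quote(string $value): string
{
    return "'" . strtr($value, ["\\" => "\\\\", "'" => "\\'"]) . "'";
}

/**
 * Build a conninfo string that makes libpq authenticate the server.
 * sslmode=verify-full checks the certificate chain against sslrootcert and
 * the host name against the certificate; sslmode=require only encrypts.
 */
function build_verified_conninfo(array $params, string $rootCert): string
{
    if (!is_readable($rootCert)) {
        throw new RuntimeException("CA file not readable: $rootCert");
    }
    if (empty($params['host'])) {
        throw new InvalidArgumentException('host is required for name checking');
    }
    // Force the verifying mode, whatever the caller passed in.
    $params['sslmode'] = 'verify-full';
    $params['sslrootcert'] = $rootCert;

    $parts = [];
    foreach ($params as $key => $value) {
        if (!preg_match('/^[a-z_]+$/', $key)) {
            throw new InvalidArgumentException("bad conninfo keyword: $key");
        }
        $parts[] = $key . '=' . conninfo_quote((string) $value);
    }
    return implode(' ', $parts);
}

$conninfo = build_verified_conninfo(
    ['host' => 'db.example.internal', 'dbname' => 'appdb', 'user' => 'appuser'],
    '/etc/app/pg/root.crt'
);
$db = pg_connect($conninfo);
if ($db === false) {
    // The TLS handshake precedes authentication, so a certificate that fails
    // verification stops the connection before any login data is sent.
    exit("connection failed: server not verified or unreachable\n");
}
```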

