On Tue, Jul 1, 2008 at 5:52 PM, Albe Laurenz <laurenz.albe@xxxxxxxxxx> wrote: > If you don't need SSL, set 'ssl=off' in postgresql.conf. > If you want SSL, > 1) read the manual on SSL support > http://www.postgresql.org/docs/8.3/static/ssl-tcp.html > 2) Is there a file server.key? If yes, make it readable to the > postgres user. If not, create it as documented. Hi Albe, thanks very much for helping me here... Here is the contents of my /var/lib/postgresql/8.2/main/ : root@Admin:/var/lib/postgresql/8.2/main# ls -l total 9 drwx------ 7 postgres postgres 168 2008-06-29 11:27 base drwx------ 2 postgres postgres 768 2008-06-30 13:01 global drwx------ 2 postgres postgres 72 2008-06-24 09:37 pg_clog drwx------ 4 postgres postgres 96 2008-06-24 09:37 pg_multixact drwx------ 2 postgres postgres 72 2008-06-24 09:37 pg_subtrans drwx------ 2 postgres postgres 48 2008-06-24 09:37 pg_tblspc drwx------ 2 postgres postgres 48 2008-06-24 09:37 pg_twophase -rw------- 1 postgres postgres 4 2008-06-24 09:37 PG_VERSION drwx------ 3 postgres postgres 120 2008-06-24 09:37 pg_xlog -rw------- 1 postgres postgres 125 2008-06-30 08:59 postmaster.opts lrwxrwxrwx 1 root root 31 2008-06-24 09:37 root.crt -> /etc/postgresql-common/root.crt lrwxrwxrwx 1 root root 36 2008-06-24 09:37 server.crt -> /etc/ssl/certs/ssl-cert-snakeoil.pem lrwxrwxrwx 1 root root 38 2008-06-24 09:37 server.key -> /etc/ssl/private/ssl-cert-snakeoil.key 'server.key' seems to be writable to all and sundry, although the file it is linked to (ssl-cert-snakeoil.key) is not: root@Admin:/etc/ssl/private# ls -l total 4 -rw------- 1 root ssl-cert 887 2008-06-11 12:18 ssl-cert-snakeoil.key