On Fri, Jan 23, 2009 at 02:04:21PM -0500, Carol Walter wrote:
>>>
>>> ssl_ciphers 'ALL:!ADH:!LOW:@STRENGTH'
I don't understand this syntax, is it described somewhere to your
knowledge. The doc say to see the openssl docs, so I went
fishing there. Maybe one of these will work:
> openssl cipher
On Jan 22, 2009, at 1:27 PM, Ray Stell wrote:
On Thu, Jan 22, 2009 at 10:35:22AM -0500, Carol Walter wrote:
I'm still having problems with ssl. My ssl_ciphers line in
postgresql.conf
looks as the following:
ssl_ciphers 'ALL:!ADH:!LOW:@STRENGTH'
this parameter was not available in 8.2.x w
On Thu, Jan 22, 2009 at 10:35:22AM -0500, Carol Walter wrote:
> I'm still having problems with ssl. My ssl_ciphers line in postgresql.conf
> looks as the following:
>
> ssl_ciphers 'ALL:!ADH:!LOW:@STRENGTH'
this parameter was not available in 8.2.x when I tested so what
I say here has little bas
I'm still having problems with ssl. My ssl_ciphers line in
postgresql.conf looks as the following:
ssl_ciphers 'ALL:!ADH:!LOW:@STRENGTH'
When I try to connect to the database from another system I get this
error...
walt...@cat:~$ psql -p 5433 -U walterc -d walterc -h db
psql: SSL SYSCALL
On Wed, Jan 21, 2009 at 05:01:08PM -0500, Carol Walter wrote:
>
> On Jan 21, 2009, at 4:24 PM, Ray Stell wrote:
>
>> On Wed, Jan 21, 2009 at 12:50:23PM -0500, Carol Walter wrote:
> Also, in the second part of my message there are lines relating to the
> encryption. I'm not sure what needs to be i
On Jan 21, 2009, at 4:24 PM, Ray Stell wrote:
On Wed, Jan 21, 2009 at 12:50:23PM -0500, Carol Walter wrote:
-bash-3.00$ /usr/local/ssl/bin/openssl verify -CAfile ./root.crt
testcert.pem
Error loading file ./root.crt
24149:error:02001002:system library:fopen:No such file or
directory:bss_file.c
On Wed, Jan 21, 2009 at 12:50:23PM -0500, Carol Walter wrote:
> -bash-3.00$ /usr/local/ssl/bin/openssl verify -CAfile ./root.crt
> testcert.pem
> Error loading file ./root.crt
> 24149:error:02001002:system library:fopen:No such file or
> directory:bss_file.c:126:fopen('./root.crt','r')
root.crt
Well, I cleared out other database problems and now I'm back to this
one...
When I run the OpenSSL command below I get the following output...
-bash-3.00$ /usr/local/ssl/bin/openssl verify -CAfile ./root.crt
testcert.pem
Error loading file ./root.crt
24149:error:02001002:system library:fope
On Fri, Jan 09, 2009 at 04:08:00PM -0500, Ray Stell wrote:
> ./configure --prefix=/usr/local/pgsql826
> --with-libraries=/usr/local/openssl/lib
> --with-includes=/usr/local/openssl/include/ --with-openssl
>
>
> On Fri, Jan 09, 2009 at 03:47:54PM -0500, Carol Walter wrote:
> > Well, back from
./configure --prefix=/usr/local/pgsql826
--with-libraries=/usr/local/openssl/lib
--with-includes=/usr/local/openssl/include/ --with-openssl
On Fri, Jan 09, 2009 at 03:47:54PM -0500, Carol Walter wrote:
> Well, back from the flu. =P
>
> How do I tell postgres where to look for ssl. I've got
Well, back from the flu. =P
How do I tell postgres where to look for ssl. I've got both the new
and the original versions of openssl. I don't want to remove the
original one because it's loaded on the global zone and I don't know
what other dependencies it might have. Do I have to back
On Wed, Dec 31, 2008 at 11:16:42AM -0500, Carol Walter wrote:
>> On the web site you directed me to, the s_server command uses a file
>> called 'mycert.pem'. Do you know what the system expecting for this file?
It's just a file and you tell openssl where it is, where you put it
once it is creat
Begin forwarded message:
From: Carol Walter
Date: December 31, 2008 11:16:01 AM GMT-05:00
To: Ray Stell
Subject: Re: [ADMIN] ssl database connection problems...
Sorry, I obviously am pretty clueless.
Thanks,
Carol
On Dec 31, 2008, at 10:09 AM, Ray Stell wrote:
On Wed, Dec 31, 2008 at
On Wed, Dec 31, 2008 at 09:19:12AM -0500, Carol Walter wrote:
> Here's the output from s_client & s_server commands...
>
> # openssl s_client
> connect: Connection refused
> connect:errno=146
oh, I think you need to use some more flags. Take a look at
this howto: http://www.madboa.com/geek/opens
On Dec 30, 2008, at 8:42 PM, Ray Stell wrote:
On Tue, Dec 30, 2008 at 03:53:37PM -0500, Carol Walter wrote:
OpenSSL is telling me that ssl is
not properly configured.
how so?
Here's the output from s_client & s_server commands...
# openssl s_client
connect: Connection refused
connect:err
On Tue, Dec 30, 2008 at 03:53:37PM -0500, Carol Walter wrote:
>
> OpenSSL is telling me that ssl is
> not properly configured.
how so?
>> openssl verify -CAfile ./root.crt testcert.pem
can you verify the server crt against the CA?
That is the starting place.
--
Sent via pgsql-admin mailing
Thanks to all of you. Many of my problems have been fixed. My
"listening_addresses" was not set correctly. After I fixed that
problem, I started getting an SSL error. I'm now getting this error
as follows:
walt...@fac-staff:~$ psql -U walterc -d walterc -h db -p 5433
psql: SSL SYSCALL e
"Scott Marlowe" writes:
> On Mon, Dec 29, 2008 at 2:23 PM, Carol Walter wrote:
>> ... I can't connect to the database instance
>> from a remote host. I get a message as follows:
>> walt...@cat:~$ psql -h db -U walterc -d walterc -p 5433
>> psql: could not connect to server: Connection refused
>>
On Mon, Dec 29, 2008 at 04:23:30PM -0500, Carol Walter wrote:
> "with openssl" when I initially configured the server. Are there other
> things that need to be done to get openssl started on the database server?
> How can I diagnose this problem?
>
The files server.key, server.crt, root.crt, a
On Mon, Dec 29, 2008 at 2:23 PM, Carol Walter wrote:
> Hello,
>
> I've just created a new instance of postgres. It's running an a Sun server
> running Solaris 10. I configured it with ssl using port 5433. The server
> starts and runs. I can connect to it from the local host and list the
> data
>>> Carol Walter wrote:
> The server starts and runs. I can connect to it from the local host
> and list the databases, connect to them etc. I can't connect to the
> database instance from a remote host.
Have you set listen_addresses in postgresql.conf?
You likely want:
listen_address
Hello,
I've just created a new instance of postgres. It's running an a Sun
server running Solaris 10. I configured it with ssl using port 5433.
The server starts and runs. I can connect to it from the local host
and list the databases, connect to them etc. I can't connect to the
data
22 matches
Mail list logo
