[svlug] Authenticating with cert was: phppgadmin

Ivan Sergio Borgonovo mail at webthatworks.it
Sat Jan 17 18:02:05 PST 2015


On 01/18/2015 12:32 AM, Ivan Sergio Borgonovo wrote:

> If you're impatient:
> 
> http://www.postgresql.org/docs/9.4/static/ssl-tcp.html

If you follow this one you're half way to be able to connect to your pg
server through ssl.

then I followed a slightly modified version of this:
http://www.tigerlogic.com/tigerlogic/omnis/technotes/tnsq0031.jsp

openssl genrsa -out postgresql.key
openssl rsa -in postgresql.key -out postgresql.key
openssl req -new -key postgresql.key -out postgresql.csr

openssl x509 -req -in postgresql.csr -CA root.crt -CAkey server.key
-out postgresql.crt -CAcreateserial

then I edited pg_hba.conf to:

hostssl  all     YOURUSER     all         cert clientcert=1

Now you don't even have to insert the password.

I'm not a cryptographer, so maybe things could be improved.

This time I'll write it down on my wiki.

-- 
Ivan Sergio Borgonovo
http://www.webthatworks.it




More information about the svlug mailing list