2

My steps I did (psql v. 9.3):

  • create psql user with password

  • give him access to relevant databases

  • allow connection from the outside (psql conf)

  • and put "hostssl all all 0.0.0.0/0 trust" in pg_hba.conf

Do I need to create a key now to be able to connect?

How can I test that key if it works?

Thanks for help.

Improve this question

2 Answers 2

Reset to default
1

Read the documentation.

If you didn't do that already, you'll have to configure the PostgreSQL server for SSL: create server.crt and server.key in the PostgreSQL data directory, set ssl = on in postgresql.conf and restart the server.

You don't need a client certificate or key to connect to the server.

To test if your setup works, just connect with psql.

If SSL is used, it will look as follows:

$ psql -d test -h 127.0.0.1
psql (9.3.13)
SSL connection (cipher: DHE-RSA-AES256-GCM-SHA384, bits: 256)
Type "help" for help.

test=#
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Worked smoothly. Im now connected with SSL connection. What I now need is a cert authentication for the enduser. Shall I create a new question or can you help me here?
No need for a question (like with this question), just follow configure it as described in the documentation.
0
  1. Change the trust to md5 (EXTREMELY IMPORTANT)
  2. try to connect over psql from another system using different ssl settings (see the psql man page for this).

If you want to require a cert, then there are additional steps to do, but that's not specified in your question. And cert authentication is possible but an advanced topic.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.