![]() ![]() Let's move the files to their final destination: mkdir -p /etc/ssl/postgresql/Ĭp ca-cert.pem server-cert.pem server-key.pem /etc/ssl/postgresql/Ĭhown -R postgres.postgres /etc/ssl/postgresql Openssl x509 -req -in client.csr -text -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out client-cert.pemĪt this point you should have the following files in the directory: $ ls ~/certĬa-cert.pem ca-cert.srl ca.csr ca-key.pem client-cert.pem client.csr client-key.pem server-cert.pem server.csr server-key.pem Now, let's create the client key and certificate: openssl req -new -nodes -text -out client.csr -keyout client-key.pem -subj "/CN=pg-client" Openssl x509 -req -in server.csr -text -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem Openssl req -new -nodes -text -out server.csr -keyout server-key.pem -subj "/CN=pg-server" ![]() Openssl x509 -req -in ca.csr -text -extfile /etc/ssl/openssl.cnf -extensions v3_ca -signkey ca-key.pem -out ca-cert.pem Openssl req -new -nodes -text -out ca.csr -keyout ca-key.pem -subj "/CN=certificate-authority" Let's create the server certificate first: mkdir ~/cert & cd ~/cert PostgreSQL is installed with the following commands: echo "deb $(lsb_release -cs)-pgdg main" > /etc/apt//pgdg.listĪpt-get -yes install wget ca-certificatesĪpt-get -yes install postgresql-10 openssl This is a simple introduction on how-to connect to PostgreSQL from a remote server using a self signed SSL certificate. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
May 2023
Categories |