Hi James, I am using "peer" instead of "trust" in my pg_hba.conf. You may want to try this.
Cheers, Lixin. On 2024-02-06, 10:21 AM, "James B. Byrne via OpenXPKI-users" <[email protected] <mailto:[email protected]>> wrote: PostgreSQL-16 FreeBSd-13.2p9 I am trying to setup openxpki using PostgreSQL as the data store. After installing both postgresql16 and openxpki I completed the following steps successfully using psql: psql -U postgres -d postgres CREATE USER openxpki; CREATE DATABASE openxpki; GRANT ALL PRIVILEGES ON DATABASE openxpki TO openxpki; I altered config.d/system/database.yaml type: PostgreSQL name: openxpki user: openxpki passwd: openxpki I checked for local connections in /var/db/postgres/data16/pg_hba.conf: local all all trust I successfully loaded the openxpki schema for postgresql: psql --username postgres openxpki < /usr/local/share/examples/openxpki/config/contrib/sql/schema-psql.sql I created the vault key and certificate and moved them to /usr/local/etc/openxpki/local/keys. I then tried to load these into openxpki using openxpkiadm. This fails with a databse permissions error: sudo --user=openxpki openxpkiadm certificate import --file /usr/local/etc/openxpki/local/keys/vault.crt try/catch is experimental at /usr/local/lib/perl5/site_perl/OpenXPKI/Server/Init.pm line 103. try/catch is experimental at /usr/local/lib/perl5/site_perl/OpenXPKI/Server/Init.pm line 107. Starting import 2024/02/06 13:20:33 Database error: execution of SQL query failed; __dbi_error__ => ERROR: permission denied for table certificate, __dsn__ => dbi:Pg:database=openxpki;sslmode=allow, __query__ => SELECT identifier, pki_realm, status, req_key FROM certificate WHERE ( identifier = ? ) LIMIT ? OFFSET ?, __source__ => DBD::Pg::st::execute, __user__ => openxpki Database error: execution of SQL query failed __dsn__: dbi:Pg:database=openxpki;sslmode=allow __dbi_error__: ERROR: permission denied for table certificate __user__: openxpki __source__: DBD::Pg::st::execute __query__: SELECT identifier, pki_realm, status, req_key FROM certificate WHERE ( identifier = ? ) LIMIT ? OFFSET ? It also fails for both root and postgres users. What step have I missed? -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Unencrypted messages have no legal claim to privacy Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:[email protected] <mailto:[email protected]> Harte & Lyne Limited http://www.harte-lyne.ca <http://www.harte-lyne.ca> 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 _______________________________________________ OpenXPKI-users mailing list [email protected] <mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/openxpki-users <https://lists.sourceforge.net/lists/listinfo/openxpki-users> _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
