Hi, I'm new on using SSL in PostgreSQL.
I've created a self-signed certificate using openssl and started the server with ssl suport. But I have some question, can you help me? - There is any parameter to configure the path (and name) to certificate (server.crt) and private key (server.key) like hba_file or ident_file in postgresql.conf or any other? - Is it possible to store the server.key in a ciphered file with triple-des and configure the PostgreSQL to use a simetric-key to open it when it's necessary? Maybe I'm wrong but my server only works with I plain private key. I'm trying to use the java keytool in place of openssl. - I believe that it not possible to start the PostgreSQL server without openssl (and ssl-dev package in debian), is it correct? - When I create keys and certificates with keytool, it creates a java keystore to store everything. I know how to export the certificate but I don't know how to export the private key and when I use the keytool certificate, the server crashes with this message: FATAL: could not load server certificate file "server.crt": no start line Sorry about too many questions, but anyone can help me to understand more about ssl in PostgreSQL? -- Regards, Jose Berardo
