Hi,
I have completed the steps at https://www.postgresql.org/docs/current/ssl-tcp.html#SSL-CLIENT-CERTIFICATES Specifically: To create a server certificate whose identity can be validated by clients, first create a certificate signing request (CSR) and a public/private key file: openssl req -new -nodes -text -out root.csr \ -keyout root.key -subj "/CN=root.yourdomain.com" chmod og-rwx root.key Then, sign the request with the key to create a root certificate authority (using the default OpenSSL configuration file location on Linux): openssl x509 -req -in root.csr -text -days 3650 \ -extfile /etc/ssl/openssl.cnf -extensions v3_ca \ -signkey root.key -out root.crt Finally, create a server certificate signed by the new root certificate authority: openssl req -new -nodes -text -out server.csr \ -keyout server.key -subj "/CN=dbhost.yourdomain.com" chmod og-rwx server.key openssl x509 -req -in server.csr -text -days 365 \ -CA root.crt -CAkey root.key -CAcreateserial \ -out server.crt However when I issue cmd (this is a generalised version): C:\Program Files (x86)\pgAdmin 4\v4\runtime>psql "sslmode=verify-ca host= host.com dbname=db user=dbuser" It returns: psql: SSL error: certificate verify failed Can anyone advise on what I should try next?
