Vitaliyi wrote:
> %openssl x509 -noout -dates -issuer -subject -in postgresql.crt
>
> notBefore=May 16 13:55:49 2008 GMT
> notAfter=Jun 15 13:55:49 2008 GMT
> issuer= /C=UK/ST=Some-State/L=Kiev/O=0x2A/CN=80.93.122.34/[EMAIL PROTECTED]
> subject= /C=UK/ST=Some-State/L=Kiev/O=Internet Widgits Pt
> It does not cause an error, but omit -text.
done
> Did you make sure that postgresql.key has permissions 0600?
of course. otherwise it shows warning
>> files on postgresql server:
>> server.key (priv and pub keys)
>
> Did you make sure that server.key has permissions 0600?
yes
>
Vitaliyi wrote:
> another error appeared:
>
> psql: SSL error: sslv3 alert bad certificate
>
> so I started from beginning:
> on CA:
> openssl genrsa -out our.key 2048
>
> creating self-signed serificate:
> openssl req -new -key our.key -out our.req
> openssl req -x509 -in our.req -text -key our
>> don't know where it looking for "root.crl", but it is in directory
>> with root.crt and server.key, server.crt
>
> That should be harmless...
removed root.crl. the same effect
> Let me reexamine your original mail:
>
>> generating another key on server:
> [...]
>> signing on CA:
>> openssl req
Please, always CC: the list in your replies!
Vitaliyi wrote:
> > - Did you put the same thing in root.crt on both client and server?
>
> yes
>
> > - Does root.crt contain a self signed certificate?
>
> yes
>
> > - Does root.crt contain the certificate that was used to
> sign server.crt and po
Vitaliyi wrote:
> I'm trying to setup SSL auth.
>
> creating CA:
>
> openssl genrsa -out our.key 2048
> openssl req -new -key our.key -out our.req
> openssl req -x509 -in our.req -text -key our.key -out root.crt
>
> then I copy root.crt on postgresql host and to client host in
> ~/.postgresql
>
Good Day
I'm trying to setup SSL auth.
creating CA:
openssl genrsa -out our.key 2048
openssl req -new -key our.key -out our.req
openssl req -x509 -in our.req -text -key our.key -out root.crt
then I copy root.crt on postgresql host and to client host in ~/.postgresql
generating another key on s
