Re: [GENERAL] SSL confirmation - (could not accept SSL connection:

2004-12-06 Thread Tom Lane
Andrew M <[EMAIL PROTECTED]> writes: > below is a breakdown of the problems I am experiencing with SSL > ... > Caused by: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: No trusted certificate found It would appear that either you didn't put a root certificat

Re: [GENERAL] SSL confirmation - (could not accept SSL connection:

2004-12-06 Thread Andrew M
Hi Tom, below is a breakdown of the problems I am experiencing with SSL Connection String: jdbc:postgresql://localhost:5432/mydatabase?ssl my Driver is: DriverVersion PostgreSQL 8.0devel JDBC3 with SSL (build 308) The error message I'm getting is: Code: 14:12:56,779 WARN [SettingsFactory] Could n

Re: [GENERAL] SSL confirmation - (could not accept SSL connection:

2004-12-06 Thread Tom Lane
Andrew M <[EMAIL PROTECTED]> writes: > the information I base my statements on is from the mail-list: > http://www.mail-archive.com/pgsql-bugs@postgresql.org/msg10008.html AFAICT that thread describes pilot error compounded by poor error messages from our SSL code. The error message problem, at

Re: [GENERAL] SSL confirmation - (could not accept SSL connection:

2004-12-06 Thread Andrew M
Kris, the information I base my statements on is from the mail-list: http://www.mail-archive.com/pgsql-bugs@postgresql.org/msg10008.html I can confirm that Jboss does not request a keystore, and that it is the driver which is having a problem with the format of the certificate. I can confirm th

Re: [GENERAL] SSL confirmation - (could not accept SSL connection:

2004-12-06 Thread Kris Jurka
On Mon, 6 Dec 2004, Andrew M wrote: > after much research to various mail-lists, it seems that there is a bug > in the beta versions of postgreSQL 8 which is causing the problem. Is > there any way to create a SSLv3 specific certificate? > How about sharing a little of that research with us.

Re: [GENERAL] SSL confirmation - (could not accept SSL connection: sslv3 alert certificate unknown )

2004-12-06 Thread Andrew M
Hi, after much research to various mail-lists, it seems that there is a bug in the beta versions of postgreSQL 8 which is causing the problem. Is there any way to create a SSLv3 specific certificate? regards Andrew On 6 Dec 2004, at 12:28, Kris Jurka wrote: On Mon, 6 Dec 2004, Andrew M wrote: jd

Re: [GENERAL] SSL confirmation - No trusted certificate found

2004-12-06 Thread Andrew M
Ok, I have just looked at my postgreSQL terminal window and seen the following message: sslv3 alert certificate unknown Could this mean that the certificate is of the wrong type?? regards Andrew On 6 Dec 2004, at 12:50, Andrew M wrote: Kris, I have implemented your earlier suggestion: sslfactory

Re: [GENERAL] SSL confirmation - No trusted certificate found

2004-12-06 Thread Kris Jurka
On Mon, 6 Dec 2004, Andrew M wrote: > I have implemented your earlier suggestion: > > sslfactory=org.postgresql.ssl.NonValidatingFactory > > and no errors are generated, so I presume that the connection to the > database is now ssl'd. So why bother going through the headache of > creating a c

Re: [GENERAL] SSL confirmation - No trusted certificate found

2004-12-06 Thread Andrew M
Kris, I have implemented your earlier suggestion: sslfactory=org.postgresql.ssl.NonValidatingFactory and no errors are generated, so I presume that the connection to the database is now ssl'd. So why bother going through the headache of creating a certificate if I can do it like mentioned above?

Re: [GENERAL] SSL confirmation - No trusted certificate found

2004-12-06 Thread Kris Jurka
On Mon, 6 Dec 2004, Andrew M wrote: > jdbc:postgresql://localhost:5432/mydatabase?ssl > > When I launch Jboss, which handles the connection to postgresql, I get > the following error: > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: No trusted certificate

Re: [GENERAL] SSL confirmation - No trusted certificate found

2004-12-06 Thread Andrew M
Ok, spoke too quickly! I am following the example here: http://archives.postgresql.org/pgsql-jdbc/2003-08/msg00110.php for ssl support in postgreSQL jdbc (DriverVersion:PostgreSQL 8.0devel JDBC3 with SSL (build 308)). When I get to the final stage, copying the certificate into the java keystore:

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
Hi, seems like I may have located the solution to my earlier problem: http://archives.postgresql.org/pgsql-jdbc/2003-08/msg00110.php many thanks Andrew On 5 Dec 2004, at 23:51, Doug McNaught wrote: Michael Fuhr <[EMAIL PROTECTED]> writes: On Sun, Dec 05, 2004 at 09:10:42PM +, Andrew M wrote: Th

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Doug McNaught
Michael Fuhr <[EMAIL PROTECTED]> writes: > On Sun, Dec 05, 2004 at 09:10:42PM +, Andrew M wrote: > >> The map I make reference to is a Jboss map used to make a jndi >> connection to postgreSQL. What document do I need to access to get hold >> of the environment variables, namely PGSSLMODE?

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 09:10:42PM +, Andrew M wrote: > The map I make reference to is a Jboss map used to make a jndi > connection to postgreSQL. What document do I need to access to get hold > of the environment variables, namely PGSSLMODE? I don't know if the J-stuff wraps libpq or if

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
The map I make reference to is a Jboss map used to make a jndi connection to postgreSQL. What document do I need to access to get hold of the environment variables, namely PGSSLMODE? regards Andrew On 5 Dec 2004, at 21:00, Michael Fuhr wrote: On Sun, Dec 05, 2004 at 08:50:15PM +, Andrew M

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 08:50:15PM +, Andrew M wrote: > > > PostgresDS > > jdbc:postgresql://localhost:5432/beyarecords connection-url> > org.postgresql.Driver > myName > myPass > > require > > > > > > would that do the trick? Sorry for so many questions..

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
Ah... ok I need something like: PostgresDS jdbc:postgresql://localhost:5432/beyarecords org.postgresql.Driver myName myPass require would that do the trick? Sorry for so many questions.. I have a lot to learn about postgreSQL ;-) regards Andrew On 5 Dec 2004, a

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 08:07:26PM +, Andrew M wrote: > are you saying I need to do: > > 'select * from myTable where x=y sslmode=require' > > to make a request to the database a secure one? If so, as I am using > Hibernate, do you know how I would alter my maps to reflect this? No, "sslmo

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
Michael, are you saying I need to do: 'select * from myTable where x=y sslmode=require' to make a request to the database a secure one? If so, as I am using Hibernate, do you know how I would alter my maps to reflect this? regards Andrew On 5 Dec 2004, at 19:41, Michael Fuhr wrote: On Sun, Dec 05

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 12:27:33PM -0700, Michael Fuhr wrote: > On the client side you could set the PGSSLMODE environment variable > to "require" (or the older PGREQUIRESSL to "1"), which should tell > libpq to attempt only SSL connections. I forgot to mention that you could also use "sslmode=re

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 11:02:33AM -0800, Steve Atkins wrote: > On Sun, Dec 05, 2004 at 11:27:57AM -0700, Michael Fuhr wrote: > > > > You can use psql to check if SSL is working. Psql prints a message > > like the following if SSL was successfully negotiated: > > > > SSL connection (cipher: DHE-R

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 06:37:57PM +, Andrew M wrote: > is it possible to trace/monitor processes as they come into postgresql > tables like you can in windows SQLServer? See the "Run-time Configuration" section in the "Server Run-time Environment" chapter of the PostgreSQL documentation.

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Steve Atkins
On Sun, Dec 05, 2004 at 11:27:57AM -0700, Michael Fuhr wrote: > Right -- see the "Frontend/Backend Protocol" chapter in the > documentation, in particular the "SSL Session Encryption" section: > > http://www.postgresql.org/docs/7.4/static/protocol-flow.html#AEN52782 > > You can use psql to check

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
Ok, is it possible to trace/monitor processes as they come into postgresql tables like you can in windows SQLServer? regards Andrew On 5 Dec 2004, at 18:27, Michael Fuhr wrote: On Sun, Dec 05, 2004 at 06:59:41PM +0100, Andreas Seltenreich wrote: Andrew M. writes: this is what I get when I issue the

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 06:59:41PM +0100, Andreas Seltenreich wrote: > Andrew M. writes: > > > this is what I get when I issue the openssl command: > > > > 6521:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake > > failure:s23_lib.c:226: > > > > could you explain what this means if you know? > >

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andreas Seltenreich
Andrew M. writes: > this is what I get when I issue the openssl command: > > 6521:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake > failure:s23_lib.c:226: > > could you explain what this means if you know? I'm afraid, I think my suggestion to use openssl's s_client with the postmaster's builti

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
Andreas, this is what I get when I issue the openssl command: 6521:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226: could you explain what this means if you know? When I do: /usr/local/pgsql/bin/postmaster -l -i -D /usr/local/pgsql/data I get: LOG: checkpoint record is a

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Michael Fuhr
On Sun, Dec 05, 2004 at 04:12:38PM +, Andrew M wrote: > I am running postgreSQL and just wanted to know how I confirm that SSL > is fully functional? I have placed server.key, server.crt and root.crt > in the data folder and am able to launch postgreSQL with no problems. I > m launching pos

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andreas Seltenreich
Andrew M. writes: > To answer my own question I included the -l flag: > > /usr/local/pgsql/bin/postmaster -l -i -D /usr/local/pgsql/data > > No errors were reported, which I guess there would be if: > > 1. postgreSQL had not been built with SSL support? or > 2. the certificate has not been properly

Re: [GENERAL] SSL confirmation

2004-12-05 Thread Andrew M
To answer my own question I included the -l flag: /usr/local/pgsql/bin/postmaster -l -i -D /usr/local/pgsql/data No errors were reported, which I guess there would be if: 1. postgreSQL had not been built with SSL support? or 2. the certificate has not been properly setup? regards Andrew On 5 Dec 200