Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using psql to connect to PostgreSQL in SSL mode

Tags:

postgresql

ssl

ssl-certificate

postgresql-8.4

I am trying to configure ssl certificate for PostgreSQL server. I have created a certificate file (server.crt) and key (server.key) in data directory and update the parameter SSL to "on" to enable secure connection.

I just want only the server to be authenticated with server certificates on the client side and don't require the authenticity of client at server side. I am using psql as a client to connect and execute the commands.

I am using PostgreSQL 8.4 and Linux. I tried with the below command to connect to server with SSL enabled

       psql "postgresql://localhost:2345/postgres?sslmode=require"

but I am getting

       psql: invalid connection option "postgresql://localhost:2345/postgres?sslmode"

What am doing wrong here? Is the way I am trying to connect to server with SSL mode enabled is correct? Is it fine to authenticate only server and not the client ?

like image 614
Lolly Avatar asked Dec 24 '12 13:12

Lolly

People also ask

How do I connect to PostgreSQL database using SSL?

With SSL support compiled in, the PostgreSQL server can be started with SSL enabled by setting the parameter ssl to on in postgresql. conf. The server will listen for both normal and SSL connections on the same TCP port, and will negotiate with any connecting client on whether to use SSL .

How do I connect to PostgreSQL certificate?

Connect to your PostgreSQL database using psql connection parameters to specify the location of your client certificate, private key, and root CA certificate. Setting the sslmode parameter to verify-full also ensures that the PostgreSQL server name matches the name in the certificate it presents to clients.

What is SSL mode in PostgreSQL?

In libpq, secure connections can be ensured by setting the sslmode parameter to verify-full or verify-ca , and providing the system with a root certificate to verify against. This is analogous to using an https URL for encrypted web browsing. Once the server has been authenticated, the client can pass sensitive data.

1 Answers

psql below 9.2 does not accept this URL-like syntax for options.

The use of SSL can be driven by the sslmode=value option on the command line or the PGSSLMODE environment variable, but the default being prefer, SSL connections will be tried first automatically without specifying anything.

Example with a conninfo string (updated for psql 8.4)

psql "sslmode=require host=localhost dbname=test"

Read the manual page for more options.

like image 74
Daniel Vérité Avatar answered Sep 19 '22 14:09

Daniel Vérité
Sign in to Comment

Related questions

How to specify a tab in a postgres front-end COPY
Sort by column ASC, but NULL values first?
Reset PostgreSQL primary key to 1
How to detect query which holds the lock in Postgres?
PostgreSQL server won't stop
Can't install PostgreSQL: An error occurred executing the Microsoft VC++ runtime installer on Windows XP
Table name as a PostgreSQL function parameter
How to check connected user on psql
How to turn a json array into rows in postgres
change pgsql port [duplicate]
Postgresql extract last row for each id
Postgres DB not starting on Mac OSX: ERROR says: connections on Unix domain socket [closed]
Index for finding an element in a JSON array
Postgres: how do you round a timestamp up or down to the nearest minute?
How to check if a postgres user exists?
sqlalchemy.exc.NoSuchModuleError: Can't load plugin: sqlalchemy.dialects:postgres
Socket File "/var/pgsql_socket/.s.PGSQL.5432" Missing In Mountain Lion (OS X Server)
Adding comment to column when I create table in PostgreSQL?
What is the difference between `->>` and `->` in Postgres SQL?
Where is the Postgresql config file: 'postgresql.conf' on Windows?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!