{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Animai°情兽 的问题《Using psql to connect to postgresql in ssl mode》','https://www.manongdao.com/q-465600.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am trying to configure ssl certificate for postgreSQL server. I have created a certificate file (server.crt) and key (server.key) in data directory and update the parameter SSL to "on" to enable secure connection.
I just want only the server to be authenticated with server certificates on the client side and dont require the authenticity of client at server side. I am using psql as a client to connect and execute the commands.
I am using PostgreSQL 8.4 and linux. I tried with the below command to connect to server with ssl enabled
psql "postgresql://localhost:2345/postgres?sslmode=require"
but I am getting
psql: invalid connection option "postgresql://localhost:2345/postgres?sslmode"
What am doing wrong here? Is the way I am trying to connect to server with ssl mode enabled is correct? Is it fine to authenticate only server and not the client ?
Please help me out.
psqlbelow 9.2 does not accept this URL-like syntax for options.The use of SSL can be driven by the
sslmode=valueoption on the command line or the PGSSLMODE environment variable, but the default beingprefer, SSL connections will be tried first automatically without specifying anything.Example with a conninfo string (updated for psql 8.4)
Read the manual page for more options.
and update
/var/lib/pgsql/10/data/pg_hba.confto change the auth method tocert. Check the following link for more information:https://www.postgresql.org/docs/9.1/auth-pg-hba-conf.html
According to the postgres psql documentation, only the connection parameters should go in the conninfo string(that's why in our example, --username is not inside that string)