Server SSL key with passphrase

Started by dhanuj hippieabout 9 years ago2 messagesgeneral

dhanuj.hippie@gmail.com

about 9 years ago

Hi,

I have a postgres-9.6 server running with SSL enabled, and I have setup the
certificates as per documentation. But currently the key file is not
protected by passphrase. Does postgres provide a way to use passphrase
protected keys ?

Thanks
Dhanuj

Berend Tober

btober@computer.org

about 9 years ago

In reply to: dhanuj hippie (#1)

Re: Server SSL key with passphrase

dhanuj hippie wrote:

I have a postgres-9.6 server running with SSL enabled, and I have setup the certificates as per
documentation. But currently the key file is not protected by passphrase. Does postgres provide a
way to use passphrase protected keys ?

If by "per documentation" you refer to "18.9.3. Creating a Self-signed Certificate", that process
creates password protected key initially, and then there is a specific step in that process for
removing the password. If you omit that password removal step, then you would have a password
protected key. Note, though, as the documentation further points out, someone will have to be
standing by at the key board whenever the server is started so as to be able to respond to the
password prompt. You may indeed want that, but it is not recommended practice.

-- B

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general