8.1dev ssl broke?
I pulled cvs today and performed the following:
./configure --with-openssl --prefix=/tmp/pgsqldev
make install
cd /tmp/pgsqldev
initdb --no-locale -D data -l data/serverlog
pg_hba.conf lines:
# "local" is for Unix domain socket connections only
#local all all trust
# IPv4 local connections:
hostssl all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
postgresql.conf
listen_addresses = 'localhost' # what IP interface(s) to listen on;
# defaults to localhost, '*' = any
port = 5432
ssl = on
When I try to connect I get:
LOG: redo record is at 0/34D73C; undo record is at 0/0; shutdown TRUE
LOG: next transaction ID: 561; next OID: 16385
LOG: next MultiXactId: 1; next MultiXactOffset: 0
LOG: database system is ready
LOG: transaction ID wrap limit is 2147484132, limited by database
"postgres"
LOG: invalid entry in file "/tmp/pgsqldev/data/pg_hba.conf" at line 73,
token "hostssl"
FATAL: missing or erroneous pg_hba.conf file
HINT: See server log for details.
DEBUG: forked new backend, pid=26717 socket=6
DEBUG: server process (PID 26717) exited with exit code 0
If I change the entries to:
# "local" is for Unix domain socket connections only
#local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
Everything works fine.
Sincerely,
Joshua D. Drake
--
Your PostgreSQL solutions company - Command Prompt, Inc. 1.800.492.2240
PostgreSQL Replication, Consulting, Custom Programming, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: plPHP, plPerlNG - http://www.commandprompt.com/
FYI: I also followed the instructions per:
http://developer.postgresql.org/docs/postgres/ssl-tcp.html
Joshua D. Drake wrote:
I pulled cvs today and performed the following:
./configure --with-openssl --prefix=/tmp/pgsqldev
make install
cd /tmp/pgsqldev
initdb --no-locale -D data -l data/serverlogpg_hba.conf lines:
# "local" is for Unix domain socket connections only
#local all all trust
# IPv4 local connections:
hostssl all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trustpostgresql.conf
listen_addresses = 'localhost' # what IP interface(s) to listen on;
# defaults to localhost, '*' = any
port = 5432
ssl = onWhen I try to connect I get:
LOG: redo record is at 0/34D73C; undo record is at 0/0; shutdown TRUE
LOG: next transaction ID: 561; next OID: 16385
LOG: next MultiXactId: 1; next MultiXactOffset: 0
LOG: database system is ready
LOG: transaction ID wrap limit is 2147484132, limited by database
"postgres"
LOG: invalid entry in file "/tmp/pgsqldev/data/pg_hba.conf" at line 73,
token "hostssl"
FATAL: missing or erroneous pg_hba.conf file
HINT: See server log for details.
DEBUG: forked new backend, pid=26717 socket=6
DEBUG: server process (PID 26717) exited with exit code 0If I change the entries to:
# "local" is for Unix domain socket connections only
#local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trustEverything works fine.
Sincerely,
Joshua D. Drake
--
Your PostgreSQL solutions company - Command Prompt, Inc. 1.800.492.2240
PostgreSQL Replication, Consulting, Custom Programming, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: plPHP, plPerlNG - http://www.commandprompt.com/
On Thu, Jul 07, 2005 at 12:30:35PM -0700, Joshua D. Drake wrote:
I pulled cvs today and performed the following:
./configure --with-openssl --prefix=/tmp/pgsqldev
Did the build actually find OpenSSL? Does "ldd postgres" show it
linked against libcrypto and libssl (I'm assuming those are shared
libraries on your system)?
LOG: invalid entry in file "/tmp/pgsqldev/data/pg_hba.conf" at line 73,
token "hostssl"
No problems here with the latest HEAD. Is it possible that you're
running a non-SSL enabled postmaster, either because the build didn't
find OpenSSL or because the postmaster you ran is from a different
build?
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
Michael Fuhr wrote:
On Thu, Jul 07, 2005 at 12:30:35PM -0700, Joshua D. Drake wrote:
I pulled cvs today and performed the following:
./configure --with-openssl --prefix=/tmp/pgsqldev
Did the build actually find OpenSSL? Does "ldd postgres" show it
linked against libcrypto and libssl (I'm assuming those are shared
libraries on your system)?
Bingo... I didn't think about the ldd. **notes** make clean before
recompiling ;)
Sincerely,
Joshua D. Drake
--
Your PostgreSQL solutions company - Command Prompt, Inc. 1.800.492.2240
PostgreSQL Replication, Consulting, Custom Programming, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: plPHP, plPerlNG - http://www.commandprompt.com/