ssl with pem password
This is a discussion on ssl with pem password within the pgsql Admins forums, part of the PostgreSQL category; --> hi.....I'm trying to use postgresql in mode ssl and I would to use a private key that uses a ...
| |||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-10-2008, 06:02 AM
| ||||
| ||||
 ssl with pem password hi.....I'm trying to use postgresql in mode ssl and I would to use a private key that uses a pem password. When I launch postgres with postgres user and my server.key and server.crt in my home ,in this mode: echo password | /usr/bin/postmaster -il -p '5432' -D '/home/data' I see this message: Enter PEM pass phrase but I would a thing more automatic without that password request. Is it possible? ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend      |
|
04-10-2008, 06:02 AM
| |||
| |||
| Re: ssl with pem password "Luca Stancapiano" <l.stancapiano@k-tech.it> writes: > hi.....I'm trying to use postgresql in mode ssl and I would to use a > private key that uses a pem password. When I launch postgres with > postgres user and my server.key and server.crt in my home ,in this mode: > echo password | /usr/bin/postmaster -il -p '5432' -D '/home/data' > I see this message: > Enter PEM pass phrase > but I would a thing more automatic without that password request. Is it > possible? If you want the server to launch without a password, you have to alter the server key file to remove its password. See the documentation. The above is hardly a more-secure approach, since anyone who can look at the script (or happen to see the "echo" executing in ps) can find out the password. You might as well rely on file permissions to prevent people from getting at the password-less key file. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings |
|
04-10-2008, 06:02 AM
| ||||
| ||||
| Re: ssl with pem password > "Luca Stancapiano" <l.stancapiano@k-tech.it> writes: >> hi.....I'm trying to use postgresql in mode ssl and I would to use a >> private key that uses a pem password. When I launch postgres with >> postgres user and my server.key and server.crt in my home ,in this mode: > >> echo password | /usr/bin/postmaster -il -p '5432' -D '/home/data' > >> I see this message: > >> Enter PEM pass phrase > >> but I would a thing more automatic without that password request. Is it >> possible? > > If you want the server to launch without a password, you have to alter > the server key file to remove its password. See the documentation. > > The above is hardly a more-secure approach, since anyone who can look at > the script (or happen to see the "echo" executing in ps) can find out > the password. You might as well rely on file permissions to prevent > people from getting at the password-less key file. > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 5: don't forget to increase your free space map settings > sorry but I would really to use the key with password because I use a gpg system that hide the real password....It's possible with postgres to use a thing like this? echo crypted_password | /usr/bin/postmaster -il -p '5432' -D '/home/data' ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend |
Linear Mode
