Assumptions
The following is assumed:
- Postgres Database Server is SSL enabled.
Steps needed for enabling SSL Certificate Postgres
Follow these steps:
- Create a DB Transport;
- Select DB Type as Postgres;
- Fill in DB Name, Host, User, Port & Password;
- Check the box for Use SSL Certificate;
- Select the Root Certificate;
- Select the Client Certificate;
- Select the Key File Certificate generated using openssl cmd;
- Define the Password using the password given while generating Key File.
Upload root certificate, client certificate and key file, into staging browser.
To do that, it is needed to go to Administration, Staging Browser, click onto Output Button and select the files and click OK. That will upload the files to the Staging Browser.
SslKey: Client certificate with pk8 extension. To generate the pk8 keyfile, use the following cmd
openssl pkcs8 -topk8 -inform PEM -in <client certificate> -outform DER -out postgresql.pk8 -v1 PBE-MD5-DES
SslPassword: When executing the above cmd,a password will be prompted, the same password should be used.
| sslMode | Description |
|---|---|
| require | I want my data to be encrypted, and I accept the overhead. I trust that the network will make sure I always connect to the server I want. |
| Verify-ca | I want my data encrypted, and I accept the overhead. I want to be sure that I connect to a server that I trust. |
| Verify-full | I want my data encrypted, and I accept the overhead. I want to be sure that I connect to a server I trust, and that it's the one I specify. |