Description
After Postgres is installed and an SSL certificate is acquired:
- 1. Open the postgresql.conf for editing as an administrator:
- Windows: C:\exacqVisionEsm\PostgreSQL\9.2\data\postgresql.conf
- Linux: /usr/local/exacq/esm/PostgreSQL/9.2/data/postgresql.conf
- 2. Locate the “# – Security and Authentication -” section:
- Replace it with:
# – Security and Authentication – #authentication_timeout = 1min # 1s-600s ssl = on # (change requires restart) #ssl_ciphers = ‘DEFAULT:!LOW:!EXP:!MD5:@STRENGTH’ # allowed SSL ciphers # (change requires restart) ssl_renegotiation_limit = 0 # amount of data between renegotiations ssl_cert_file = ‘server.crt’ # (change requires restart) ssl_key_file = ‘server.key’ # (change requires restart) #ssl_ca_file = ” # (change requires restart) #ssl_crl_file = ” # (change requires restart) #password_encryption = on #db_user_namespace = off # Kerberos and GSSAPI #krb_server_keyfile = ” #krb_srvname = ‘postgres’ # (Kerberos only) #krb_caseins_users = off
- Replace it with:
- 3. Copy your SSL cert as server.crt to:
- Windows: C:\exacqVisionEsm\PostgreSQL\9.2\data\server.crt
- Linux: /usr/local/exacq/esm/PostgreSQL/9.2/data/server.crt
- 4. Copy your SSL key as server.key to:
- Windows: C:\exacqVisionEsm\PostgreSQL\9.2\data\server.key
- Linux: /usr/local/exacq/esm/PostgreSQL/9.2/data/server.key