I've installed PostgreSQL on Arch Linux & also self generated self signed certificates in
/etc/ssl/ directory. My PostgreSQL 'data' directory is
/var/lib/postgres/data & I've edited my
postgresql.conf file to use SSL however I'm having permission / access problems starting my database using SSL. It can't access the certificates and errors out when I try and start the database engine:
Code:
LOG: autovacuum launcher shutting down
LOG: shutting down
LOG: database system is shut down
FATAL: could not load server certificate file "server.crt": No such file or directory
FATAL: private key file "server.key" has group or world access
DETAIL: Permissions should be u=rw (0600) or less.
FATAL: could not access private key file "server.key": Permission denied
FATAL: could not access private key file "server.key": Permission denied
FATAL: could not access private key file "server.key": Permission denied
FATAL: could not load private key file "server.key": Permission denied
My /etc/ssl permissions are as follows:
Code:
[root@ghost ssl]# ls -l
total 28
drwxr-xr-x 2 root root 4096 Apr 18 22:28 certs
drwxr-xr-x 2 root root 4096 Feb 8 13:58 misc
-rw-r--r-- 1 root root 10819 Feb 8 13:58 openssl.cnf
drwxr-xr-x 2 root root 4096 Apr 18 22:28 private
-rw-r--r-- 1 root root 1813 Apr 18 22:27 server.csr
The individual certificate permissions are as follows:
Code:
[root@ghost ssl]# ls -l certs/server.crt
-rw-r--r-- 1 root root 2126 Apr 18 22:27 certs/server.crt
[root@ghost ssl]# ls -l private/server.key
-rw------- 1 root root 3311 Apr 18 22:25 private/server.key
I don't know what I need to chown or chmod in order to get PostgreSQL to access my self signed certificates. If anyone could please help me out, I would greatly appreciate it.