Thread: [ADMIN] pg_hba.conf and hostssl all all 999.999.999.0/24 cert and use ofletsencrypt.org software
[ADMIN] pg_hba.conf and hostssl all all 999.999.999.0/24 cert and use ofletsencrypt.org software
From
Poul Kristensen
Date:
Hi!
Does anyone know if letsencrypt can be used to authenticate host(client) to host (PostgreSQL)?
The goal is to let the client authenticate againts the certificate registered
in an openLDAP and use letsencrypt.org software.
The PostgreSQL host is going to run the openLDAP too.
Have anyone tried this?
TIA
Poul
Re: [ADMIN] pg_hba.conf and hostssl all all 999.999.999.0/24 cert anduse of letsencrypt.org software
From
"Gunnar \"Nick\" Bluth"
Date:
Am 01/25/2017 um 02:45 PM schrieb Poul Kristensen: > > Hi! Hi Poul, > Does anyone know if letsencrypt can be used to authenticate host(client) > to host (PostgreSQL)? > The goal is to let the client authenticate againts the certificate > registered > in an openLDAP and use letsencrypt.org <http://letsencrypt.org> software. > The PostgreSQL host is going to run the openLDAP too. > > Have anyone tried this? I'm wondering if you really thought this through... why would you want to rely on a (rather trustworthy, but alas!) CA to manage your certificates when you can use your own (google "easyrsa") CA without any significant hassle? But maybe I'm missing something ;-) Cheers, -- Gunnar "Nick" Bluth DBA ELSTER Tel: +49 911/991-4665 Mobil: +49 172/8853339
Re: [ADMIN] pg_hba.conf and hostssl all all 999.999.999.0/24 cert anduse of letsencrypt.org software
From
Magnus Hagander
Date:
On Jan 25, 2017 14:47, "Poul Kristensen" <bcc5226@gmail.com> wrote:
Hi!Does anyone know if letsencrypt can be used to authenticate host(client) to host (PostgreSQL)?The goal is to let the client authenticate againts the certificate registeredin an openLDAP and use letsencrypt.org software.The PostgreSQL host is going to run the openLDAP too.Have anyone tried this?
Letsencrypt does not issue client certificates, so it won't work.
/Magnus