Thread: pgadmin4 + SSH Tunnel
Hello,
I have no problem connecting without SSL to my postgresql server utilizing an ssh tunnel, but if I try to enable SSL for the postgresql db connection with verify-ca it doesn't work. I'm supplying the root certificate, but we don't use client certificates for authentication, only username/password. I'm able to get this same setup working in sqlworkbench, but for some reason, I'm not able to use SSL for the DB connection using verify-ca supplying only the root.crt. Do I need to be using client certificate authentication for SSL to work for the db connection.
- Is that works without creating SSH Tunnel?
- Try to connect using psql? If that works can you please create SSH Tunnel manually from command prompt and then try to connect DB using psql.
Daryl Roche
Systems Administrator, Research IM.IT
BC Children's Hospital Research Institute
University of British Columbia
604-875-2345 x4648 | droche@bcchr.ubc.ca
Mobile: +91 976-788-8246
Both tests worked.
I ended up having to create a client certificate to get pgadmin 4 to work. It would be great if I didn’t have to go that route as our dev environment doesn’t require the added security of managing client certificates. It’d be great if pgadmin 4 supported SSL with verify-ca without needing client certificates, and just the root certificate.
From: Akshay Joshi [mailto:akshay.joshi@enterprisedb.com]
Sent: Thursday, July 12, 2018 11:20 PM
To: Daryl Roche <droche@bcchr.ubc.ca>
Cc: pgadmin-support@lists.postgresql.org
Subject: Re: pgadmin4 + SSH Tunnel
Hi Daryl
On Fri, Jul 13, 2018 at 5:35 AM, Daryl Roche <droche@bcchr.ubc.ca> wrote:
Hello,
I have no problem connecting without SSL to my postgresql server utilizing an ssh tunnel, but if I try to enable SSL for the postgresql db connection with verify-ca it doesn't work. I'm supplying the root certificate, but we don't use client certificates for authentication, only username/password. I'm able to get this same setup working in sqlworkbench, but for some reason, I'm not able to use SSL for the DB connection using verify-ca supplying only the root.crt. Do I need to be using client certificate authentication for SSL to work for the db connection.
Can you please try following things:
- Is that works without creating SSH Tunnel?
- Try to connect using psql? If that works can you please create SSH Tunnel manually from command prompt and then try to connect DB using psql.
Daryl Roche
Systems Administrator, Research IM.IT
BC Children's Hospital Research Institute
University of British Columbia
604-875-2345 x4648 | droche@bcchr.ubc.ca
--
Akshay Joshi
Sr. Software Architect
Phone: +91 20-3058-9517
Mobile: +91 976-788-8246
Both tests worked.
I ended up having to create a client certificate to get pgadmin 4 to work. It would be great if I didn’t have to go that route as our dev environment doesn’t require the added security of managing client certificates. It’d be great if pgadmin 4 supported SSL with verify-ca without needing client certificates, and just the root certificate.
From: Akshay Joshi [mailto:akshay.joshi@enterpris
edb.com]
Sent: Thursday, July 12, 2018 11:20 PM
To: Daryl Roche <droche@bcchr.ubc.ca>
Cc: pgadmin-support@lists.postgresql.org
Subject: Re: pgadmin4 + SSH Tunnel
Hi Daryl
On Fri, Jul 13, 2018 at 5:35 AM, Daryl Roche <droche@bcchr.ubc.ca> wrote:
Hello,
I have no problem connecting without SSL to my postgresql server utilizing an ssh tunnel, but if I try to enable SSL for the postgresql db connection with verify-ca it doesn't work. I'm supplying the root certificate, but we don't use client certificates for authentication, only username/password. I'm able to get this same setup working in sqlworkbench, but for some reason, I'm not able to use SSL for the DB connection using verify-ca supplying only the root.crt. Do I need to be using client certificate authentication for SSL to work for the db connection.
Can you please try following things:
- Is that works without creating SSH Tunnel?
- Try to connect using psql? If that works can you please create SSH Tunnel manually from command prompt and then try to connect DB using psql.
Daryl Roche
Systems Administrator, Research IM.IT
BC Children's Hospital Research Institute
University of British Columbia
604-875-2345 x4648 | droche@bcchr.ubc.ca
--
Akshay Joshi
Sr. Software Architect
Phone: +91 20-3058-9517
Mobile: +91 976-788-8246
Mobile: +91 976-788-8246
Thanks Akshay,
I’ve created https://redmine.postgresql.org/issues/3508 to track the problem.
From: Akshay Joshi [mailto:akshay.joshi@enterprisedb.com]
Sent: Monday, July 16, 2018 10:46 PM
To: Daryl Roche <droche@bcchr.ubc.ca>
Cc: pgadmin-support@lists.postgresql.org
Subject: Re: pgadmin4 + SSH Tunnel
Hi Daryl
On Mon, Jul 16, 2018 at 9:50 PM, Daryl Roche <droche@bcchr.ubc.ca> wrote:
Both tests worked.
I ended up having to create a client certificate to get pgadmin 4 to work. It would be great if I didn’t have to go that route as our dev environment doesn’t require the added security of managing client certificates. It’d be great if pgadmin 4 supported SSL with verify-ca without needing client certificates, and just the root certificate.
Can you please create a RM @ https://redmine.postgresql.org/projects/pgadmin4/
From: Akshay Joshi [mailto:akshay.joshi@enterprisedb.com]
Sent: Thursday, July 12, 2018 11:20 PM
To: Daryl Roche <droche@bcchr.ubc.ca>
Cc: pgadmin-support@lists.postgresql.org
Subject: Re: pgadmin4 + SSH Tunnel
Hi Daryl
On Fri, Jul 13, 2018 at 5:35 AM, Daryl Roche <droche@bcchr.ubc.ca> wrote:
Hello,
I have no problem connecting without SSL to my postgresql server utilizing an ssh tunnel, but if I try to enable SSL for the postgresql db connection with verify-ca it doesn't work. I'm supplying the root certificate, but we don't use client certificates for authentication, only username/password. I'm able to get this same setup working in sqlworkbench, but for some reason, I'm not able to use SSL for the DB connection using verify-ca supplying only the root.crt. Do I need to be using client certificate authentication for SSL to work for the db connection.
Can you please try following things:
- Is that works without creating SSH Tunnel?
- Try to connect using psql? If that works can you please create SSH Tunnel manually from command prompt and then try to connect DB using psql.
Daryl Roche
Systems Administrator, Research IM.IT
BC Children's Hospital Research Institute
University of British Columbia
604-875-2345 x4648 | droche@bcchr.ubc.ca
--
Akshay Joshi
Sr. Software Architect
Phone: +91 20-3058-9517
Mobile: +91 976-788-8246
--
Akshay Joshi
Sr. Software Architect
Phone: +91 20-3058-9517
Mobile: +91 976-788-8246