You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Generate a private key (you must provide a passphrase).
openssl genrsa -des3 -out server.key 1024
Remove the passphrase.
openssl rsa -in server.key -out server.key
Create the server certificate. -subj is a shortcut to avoid prompting for the info. -x509 produces a self signed certificate rather than a certificate request.
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv4 remote connections for authenticated users
hostssl all www-data 0.0.0.0/0 md5
hostssl all postgres 0.0.0.0/0 md5 clientcert=1
You need to edit postgresql.conf to actually activate ssl: