在PostgreSQL服务器上启用SSL连接
[英]Enable SSL connections on PostgreSQL server
问题描述
I am trying to connect my PowerBI with a postgreSQL database. 
我正在尝试将PowerBI与postgreSQL数据库连接。 For this reason I need to enable the SSL connections. 因此,我需要启用SSL连接。 So far, I have created the server.key and server.crt files as referred in the documentation I have also modified the postgresql.conf file with the following parameters: 到目前为止,我已经按照文档中的说明创建了server.key和server.crt文件,并且还使用以下参数修改了postgresql.conf文件:
#authentication_timeout = 1min # 1s-600s
ssl = on # (change requires restart)
#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
# (change requires restart)
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
ssl_cert_file = 'server.crt' # (change requires restart)
ssl_key_file = 'server.key' # (change requires restart)
#ssl_ca_file = '' # (change requires restart)
#ssl_crl_file = '' # (change requires restart)
#password_encryption = on
#db_user_namespace = off
#row_security = on
But I have no success, what am I missing? 但是我没有成功,我想念什么?
Postgres version: 9.5 WIndows 8 Postgres版本:9.5 Windows 8
I am using ODBC to test if the connection with SSL actually works, and as you can see it doesnt: 我正在使用ODBC来测试与SSL的连接是否确实有效,并且您可以看到它无效:
I would like to figure out how to get this running, but I also would be happy if I can force Power BI not to user SSL connection. 我想弄清楚如何使它运行,但是如果我可以强制Power BI不与用户SSL连接,我也很高兴。 If there is someone who knows how to do it, let me know! 如果有人知道该怎么做,请告诉我!
EDIT More information: pg_hba.conf 编辑更多信息:pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
#host all all 127.0.0.1/32 md5
hostssl all all 127.0.0.1/32 md5
# IPv6 local connections: host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
1 个解决方案
解决方案1
0 2017-05-08 20:42:04
You don't mention having re-built Postgres from source as it says is required in the first paragraph of the documentation you cite: 您没有提到要从源代码重建Postgres,因为在您引用的文档的第一段中,这是必需的:
PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security.
(emphasis mine) (强调我的)
If you are trying to make it work from a pre-packaged distribution, such as an RPM or Debian package, SSL support is not compiled in, so is not available to you. 如果您试图使其通过预打包的发行版(例如RPM或Debian软件包)工作,则不会编译SSL支持,因此您将无法使用它。
You need to be sure you have OpenSSL installed, and rebuild PostgreSQL from source, adding the --with-openssl command line option to the source tree configuration as described in 15.4. 您需要确保已安装OpenSSL,并从源代码重建PostgreSQL,并在源代码树配置中添加--with-openssl命令行选项,如15.4中所述。 Installation Procedure . 安装程序 。
See Chapter 15. Installation from Source Code for a more complete description of the necessary installation procedure. 有关必要的安装过程的更完整说明,请参见第15章 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.