Re: Ssl question

You don't need to have openssl on client machine to connect to an 'ssl enabled' server. The steps you have done are sufficient to connect to the server using ssl provided that your server is configured to accept ssl connections.

To enable ssl on server side, you need to compile the source with ssl=on option and that requires openssl to be available. However, if your server is not configured properly for ssl support, you won't be able to connect to it using ssl. If you have success connecting to server using ssl, it means you have everything great. No worries

Regards,
Altaf Malik
EnterpriseDB
http://www.enterprisedb.com/

"Bronson, Allan B. (Mission Systems)" <Allan(dot)Bronson(at)ngc(dot)com> wrote:
I am trying to create a SSl connection to PostGres using JDBC and am not sure if it is working.
I read that you must have openssl on the client machine for the connection to take place. I have turned ssl = on in the config file, created a cert and key file and placed them in the correct directory, created a truststore and add the ?ssl=true to the url for the client. When I do all this I connect and get data back from the db. My confusion is when I read that I need openssl on the client machine to connect, since I can connect without openssl installed. I do notice that if my truststore does not have the cert placed in it, I get an error saying missing certificate ( something like that ), does that mean ssl is working for the client and server?
I am using Postgres 8.2 and have read that I may need to compile the Postgres src code with openssl for it to be enabled. Is this correct or is SSL already compiled into the src code?
Thanks to anyone who can provide information or point me in the right direction. I am facing a tight deadline and don’t have a ton of extra time to research this more.
allan

---------------------------------
Looking for last minute shopping deals? Find them fast with Yahoo! Search.