How to specify a client certificate to psql?
Solution 1
As stated in the documentation linked by @Milen, you can do this by setting the PGSSLCERT and PGSSLKEY environment variables, or by adding sslcert=<cert location> sslkey=<key location> to the connection string.
Solution 2
The end result looks like
$>psql "port=5431 host=localhost user=postgres sslcert=./test/client.crt sslkey=./test/client.key sslrootcert=./test/server.crt sslmode=verify-ca"
All the variables are here.
Related videos on Youtube
07 : 54
08 : 36
03 : 58
38 : 04
01 : 28
Comments
-
Ionoclast Brigham over 1 year
I have a Postgres server with a user
devwhich requires a client certificate to log in. I'm using the commandpsql "sslmode=require user=dev host=db.prod", which gives mepsql: FATAL: connection requires a valid client certificate.I know where the certificate is on my server. My question is, how do I specify the client certificate location to
psql?-
Federico Sierra about 9 years -
Milen A. Radev about 9 years
-
-
Seldom 'Where's Monica' Needy almost 8 yearsI'll note here thatPGSSLCERTandPGSSLKEYalso allow paths to be specified, so don'tcatthe certificate or key itself into those variables. -
Radu Simionescu over 5 yearsif I place root crt in ~/.postgreqsl/ I don't have to provide any key. If I place it somewhere else and provide sslrootcert, suddenly I have to also provide key - do you know how does that work?
