How to use SSL with Passphrase for PostgreSQL?

1.2k Views Asked by Gineesh At 14 December 2021 at 09:54

I am trying to deploy the PostgreSQL with CA Signed SSL Certificate and Keys (With passphrase). When I try to start pgsql service, it is expecting the PEM password but it will not work in the interactive way.

Do we have any non-interactive way to provide the SSL passphrase ? (Automatic restart or stop will not work otherwise)

I found this article How to enable SSL in PostgreSQL/PPAS referring to use pg_ctl start -w so that the service will ask for the SSL key passphrase.
I also found this article PostgreSQL with passphrase-protected SSL keys under systemd saying about the use of ssl_passphrase_command but which also in turn asking the PEM passphrase interactively.

Thanks

Original Q&A

There are 1 best solutions below

Laurenz Albe On 14 December 2021 at 11:29

You can set the following PostgreSQL parameters:

ssl = on
ssl_cert_file = 'server.crt'
ssl_key_file = 'server.key'
ssl_passphrase_command = 'echo "mypassword"'
ssl_passphrase_command_supports_reload = on

Here, echo is an operating system command that just echos the argument. You will have to escape special characters like ' or " in the password.

How to use SSL with Passphrase for PostgreSQL?

There are 1 best solutions below

Related Questions in POSTGRESQL

Related Questions in SSL

Related Questions in OPENSSL

Related Questions in SSL-CERTIFICATE

Related Questions in PASSPHRASE

Trending Questions

Popular # Hahtags

Popular Questions