Skip to content

Instantly share code, notes, and snippets.

@dlangille

dlangille/postgresql.conf SSL settings

Last active August 22, 2019 15:02
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dlangille/3895ed9fb568133b88614c5c4bb26f82 to your computer and use it in GitHub Desktop.
Save dlangille/3895ed9fb568133b88614c5c4bb26f82 to your computer and use it in GitHub Desktop.
Download ZIP
PostgreSQL default SSL settings
Raw
postgresql.conf SSL settings
ssl = on
#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
#ssl_prefer_server_ciphers = on
#ssl_ecdh_curve = 'prime256v1
ssl_dh_params_file = '/usr/local/etc/ssl/dh_params.txt'
ssl_cert_file = '/usr/local/etc/ssl/HOSTNAME.cer'
ssl_key_file = '/usr/local/etc/ssl/HOSTNAME.key'
ssl_ca_file = '/usr/local/etc/ssl/ca.cer'
#ssl_crl_file = ''
dh_params.txt can be created with this command
openssl dhparam -out /usr/local/etc/ssl/dh_params.txt 2048
cd /usr/local/etc/ssl/
sudo chown postgres:postgres HOSTNAME.crt HOSTNAME.key
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment