Table of Contents
What you will read?
To enable SSL for PostgreSQL, generating valid SSL certificates is a crucial step. These certificates ensure that the communication between the PostgreSQL server and its clients is encrypted and authenticated. Below are the steps to generate SSL certificates:
Generate a Private Key
Begin by generating a private key for the server. This key will be used to encrypt the data. Use the openssl command:
openssl genrsa -out server.key 2048
chmod 600 server.keyThe chmod command ensures that only the server process can access the private key.
Create a Certificate Signing Request (CSR)
The CSR is needed to generate a public certificate. Run the following command:
openssl req -new -key server.key -out server.csrFill in the requested details like Common Name (e.g., your VPS’s domain or IP).
Generate the SSL Certificate
You can self-sign the certificate for internal use:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crtThis creates a certificate (server.crt) valid for one year.
Set Permissions
Ensure the key and certificate files have appropriate permissions:
chmod 600 server.key server.crtThese certificates are now ready to be used with PostgreSQL.
Need a Linux Server for This?
Run Debian, Ubuntu, or any Linux distro on DropVPS โ fast NVMe SSD, full root access, and 24/7 support. Perfect for everything you just read.
- Full Root Access
- Debian & Ubuntu Ready
- 99.99% Uptime
- 24/7 Support
No commitment ยท Cancel anytime