Hi Lucee folks,
We are currently running Railo 4.1.2.005 final.
We want to create a datasource in Railo that will execute a database query on a Heroku Postgres database.
When we try to create the datasource we get this message:
FATAL: no pg_hba.conf entry for host “131.204.97.7”, user “kgdxxwchqhfwto”, database “d200shbvfilcsq”, SSL off
FATAL: no pg_hba.conf entry for host
Igal Sapir
Lucee Core Developer
Lucee.org
--
You received this message because you are subscribed to the Google Groups "Lucee" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/23e12a48-001e-4aa9-a67b-f18fa08a45b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hi there,
We don't permit editing of the pg_hba.conf - however we do permit access to your Postgres DB from all IP addresses. If you're using the credentials outside of Heroku check that you are using SSL for the connection
Regards,
John.
You’ll probably need to create your own connection string for the datasource which specifies SSL, like so:
jdbc:postgresql://[heroku IP address]/[database]?user=[username]&password=[password]&ssl=true
When you create the datasource in the Lucee admin, select Other - JDBC Driver, then enter your connection string in the box provided.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/1c3a3ab0-d9dc-47d8-a6cb-cc024cbd3c81%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/378578ff-ff6a-4ad1-b469-e2bbd6637204%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/8057c79f-3add-4c33-b155-d7a925d6287c%40googlegroups.com.
Your connection string (the first example) looks valid. Assuming it’s PG 9.3+ running on Amazon, here are the JDBC connection string docs:
https://jdbc.postgresql.org/documentation/head/connect.html
the &ssl
doesn’t need a boolean with it anymore, though.
Does that AWS instance use a non-standard port? You may need to specify the port. I just tried using a connection connection string in Lucee against a PGSQL server running on 9.3 w/ SSL and it connected up right away (though Lucee required me to also enter user/pass information in the datasource config fields.
Try this (using the Lucee user/pass info and omitting it from the connections string):
org.postgresql.Driver
jdbc:postgresql://ec2-184-73-254-144.compute-1.amazonaws.com/d200shbvfilcsq?ssl=true
I’m wondering if SSL is using a different port, as when I run psql:
psql -h ec2-184-73-254-144.compute-1.amazonaws.com
it gives me the FATAL: no pg_hba.conf entry for host "[my ip address]", user "test", database "test", SSL off
error, which says that it’s not listening on 5432 with SSL (psql would negotiate encryption automatically if that port was using SSL).
If it’s a different port, then you would need to add that to your connection string.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/8057c79f-3add-4c33-b155-d7a925d6287c%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/etPan.551eaa85.30861fde.7515%40jonclausen-mbp.local.
Can you connect directly from the command line with psql?
psql --host=ec2-184-73-254-144.compute-1.amazonaws.com --port=5432 --username=[your username] --password "dbname=d200shbvfilcsq"
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/af40b5ff-4907-4f89-8945-0d1b39f09af1%40googlegroups.com.
Then you need the libraries installed (or you need to run them as the postgres user). If you’re on a Mac or Linux try:
which psql
to see if it can be found. If not, then install them via homebrew or your Linux package management system (yum, apt, zypper,etc)
If you’re on Windows, then you’ll need to download the installer from PostgreSQL http://www.postgresql.org/download/windows/
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/68ce4cdb-acbd-45c6-b16c-01905cac1610%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/etPan.551eb815.2685cf6c.7515%40jonclausen-mbp.local.
...
--
You received this message because you are subscribed to the Google Groups "Lucee" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/13e9cf06-5f6e-4df6-95ac-c01d4bd152b6%40googlegroups.com.
I’ve never used Windows’ certificate store before so, honestly, I’m not sure. The keytool utility in your [JRE Home]/bin directory works well for this. You will need to restart Lucee/Railo.
keytool -import -alias awsRDS -trustcacerts -keystore cacerts -file rds-combined-ca-bundle.pem
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/49911e01-297b-4bc1-9086-606f1e19206f%40googlegroups.com.
available datasource names are [MuraRailo,music_3_user,slotc,cla_calendar,cla_07_user,cla_scholarships_2,cla_07_user_3,music_3_admin,history,ed3,siciliane,english_apps,english2004
|
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/fadc99d2-56fa-4d56-b4ef-258d712a661d%40googlegroups.com.