Susan Joseph sandajos...@verizon.net -----Original Message----- From: Stephen Frost <sfr...@snowman.net> To: Susan Joseph <sandajos...@verizon.net> Cc: pgsql-gene...@postgresql.org <pgsql-gene...@postgresql.org> Sent: Thu, Sep 3, 2020 9:12 am Subject: Re: SSL between Primary and Seconday PostgreSQL DBs
Greetings, * Susan Joseph (sandajos...@verizon.net) wrote: > So I made the changes on the secondary to change the sslmode to verify-fullI > removed the clientcert=1 in pg_hba.conf and removed any connections other > than sslI removed the passfile info from recovery.confand now I am getting > this error: > 2020-09-03 13:01:49.990 UTC [7963] FATAL: could not connect to the primary > server: server certificate for "lc-subca-pg.theforest.sap" does not match > host name "192.168.1.142" >>Yes, as I explained, because of exactly the issue that the host you've >>told your secondary to connect to (looks like 192.168.1.142) doesn't >>match the certificate presented by the primary (which looks to be >>"lc-subca-pg.theforest.sap"). OK so I fixed that in my recovery.conf file so it is not set to the IP but to the FQDN and it is no longer throwing this error. >>The answer is to make those two match. Thanks, Stephen
