Configuring PostgreSQL Cluster as the Backend Database11 minutes to read
PostgreSQL is an advanced open-source RDBMS system with unique features, like fault-tolerant capabilities, scalability, stability, etc., designed to handle huge workloads. PAM360 already employs PostgreSQL as its default database, which comes bundled with the product. Now, to increase the scalability on a large scale and improve the operations and functionality of the application, PAM360 allows users to configure the PostgreSQL cluster as a standalone external backend database. At the end of this document, you will have learned about configuring the PostgreSQL cluster as the backend database. 1. Configuring PostgreSQL Cluster as the Backend Database
Now, you have successfully configured the PostgreSQL cluster as the backend database. 2. SSL Generation for PostgreSQL ClusterAn SSL connection is required for a secured connection between the PostgreSQL database cluster and the PAM360 application. To establish the SSL connection, the root CA of the PostgreSQL database cluster is required. 2.1 Using a CA-Signed SSL Certificate for the PostgreSQL ClusterIf you have a CA-signed SSL certificate, proceed directly with the certificate installation from step 4. Else, follow the below steps 1 to 3 to generate and install a new CA-signed certificate:
Following these steps will help you generate a private key and certificate request, get it signed by a CA, and install both the server and root certificates on the respective machines. 2.2 Self-Signed SSL Generation for the PostgreSQL ClusterIf you have a self-signed SSL certificate, proceed directly with the certificate installation from section 2.2.1. Else, follow the below steps to generate and install a new self-signed certificate:
Notes: Note: If you are about to use a wildcard certificate for the PostgreSQL database, place the wildcard certificate along with the respective private key file in the <PostgreSQL Installation Directory>\data directory path. 2.2.1 Configuring the PostgreSQL Database Cluster to use the SSL
listen_addresses = '*' ssl = on Note: If you are using a wildcard certificate for the PostgreSQL database, update the ssl_ca_file parameter with no attribute (ssl_ca_file=''). 1.3 SSL Connection ValidationTo validate the SSL connection configuration either using a CA-signed or self-signed certificate, perform the following steps:
| |
[Webinar] Weave privileged access security into your org-wide ITSM workflows. Register now