psql服务器不侦听端口5432，尽管它'；s在postgresql.conf中_Postgresql_Connection_Port

psql服务器不侦听端口5432，尽管它'；s在postgresql.conf中

postgresql

psql服务器不侦听端口5432，尽管它'；s在postgresql.conf中,postgresql,connection,port,Postgresql,Connection,Port,未应用SSL配置时： pg_hba.conf 主机数据库用户0.0.0.0/0 scram-sha-256 postgresql.conf listen_addresses = ‘*’ port = 5432 ssl = on ssl_cert_file = ‘/etc/ssl/certs/ssl-cert-snakeoil.pem’ ssl_key_file = ‘/wtc/ssl/private/ssl-cert-snakeoil.key’ 我得到：netstat-nl

未应用SSL配置时：

pg_hba.conf 主机数据库用户0.0.0.0/0 scram-sha-256

 postgresql.conf   
 listen_addresses = ‘*’
 port = 5432
 ssl = on
 ssl_cert_file =  ‘/etc/ssl/certs/ssl-cert-snakeoil.pem’
 ssl_key_file = ‘/wtc/ssl/private/ssl-cert-snakeoil.key’

我得到：netstat-nltp

  smadmin@studymatepro:~$ sudo netstat -nltp

  Active Internet connections (only servers)
  Proto    Recv-Q  Send-Q  Local Address  Foreign Address  State program name    
  tcp        0      0      127.0.0.53:53    0.0.0.0:*    LISTEN 970/systemd-resolve 
  tcp        0      0      0.0.0.0:22       0.0.0.0:*   LISTEN      1405/sshd           
  tcp        0      0      127.0.0.1:631    0.0.0.0:*   LISTEN      1079/cupsd          
  tcp        0      0     0.0.0.0:5432     0.0.0.0:*    LISTEN      3780/postgres       
  tcp6       0      0      :::22             :::*       LISTEN      1405/sshd           
  tcp6       0      0       ::1:631          :::*       LISTEN      1079/cupsd          
  tcp6       0      0       :::5432          :::*       LISTEN      3780/postgres       
   smadmin@studymatepro:~$

您可以在端口5432上看到远程tcp/ip；并且可以获得SSL连接（仅限服务器端身份验证）

现在，当我配置SSL并将client.crt、client.key和root.crt添加到客户端计算机时：

pg_hba.conf

hostssl  database  user 0.0.0.0/0  scram-sha-256  clientcert=1

postgresql.conf

   listen_addresses = ‘*’
   port = 5432
   ssl = on
   ssl_cert_file =  ‘/etc/ssl/certs/server.crt’  // my self signed crt 
   ssl_key_file = ‘/etc/ssl/private/server.key’
   ssl_ca_file = ‘/etc/ssl/certs/rootCert.crt’
   ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
   ssl_prefer_server_ciphers = on
   ssl_ecdh_curve = 'prime256v1'
   password_encryption = scram-sha-256

和do:netstat-nltp；我明白了

    Active Internet connections (only servers)
    Proto Recv-Q Send-Q  Local Address    Foreign Address  State PID/Program name    
    tcp        0      0  127.0.0.53:53       0.0.0.0:*     LISTEN      970/systemd-resolve 
    tcp        0      0  0.0.0.0:22          0.0.0.0:*     LISTEN      1405/sshd           
    tcp        0      0  127.0.0.1:631       0.0.0.0:*     LISTEN      1079/cupsd          
    tcp6       0      0  :::22                :::*         LISTEN      1405/sshd           
    tcp6       0      0  ::1:631              :::*         LISTEN      1079/cupsd

端口5432上的远程TCP/IP已丢失！！！这就是为什么我的连接被拒绝，因为远程端口5432不再处于活动状态。

问题是为什么会发生这种情况……我做错了什么？

如果

netstat

是在服务器机器上运行的，我会认为这表明PostgreSQL服务器没有启动。@Laurenz Alba…实际上我在几乎所有步骤中都会执行“systemctl restart PostgreSQL.service”。是的，但是你怎么知道服务器确实启动了？@Laurenz Alba。。。我一直在测试有SSL配置和没有SSL配置的连接，并注意到上面的结果..我在问题区域中提到..这就像修改了问题的完整堆栈。查看PostgreSQL日志文件。