Ruby on rails 无法建立Postgres SSL连接

我正试图让一个流浪环境运行一个Rails应用程序，该应用程序连接到Heroku上托管的远程Postgres数据库。在我的主机（Mac OS X）上运行这个应用程序运行得很好，但在我的vagrant box中的新Ubuntu安装上失败，即使它们指向同一个源目录。以下是我在尝试启动web服务器时得到的信息：

00:02:22 web.1  | Connecting to database specified by database.yml
00:02:22 web.1  | /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/postgresql_adapter.rb:1216:in `initialize': FATAL:  no pg_hba.conf entry for host "207.172.212.123", user "user", database "database", SSL off (PG::ConnectionBad)
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/postgresql_adapter.rb:1216:in `new'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/postgresql_adapter.rb:1216:in `connect'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/postgresql_adapter.rb:324:in `initialize'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/postgresql_adapter.rb:28:in `new'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/postgresql_adapter.rb:28:in `postgresql_connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:315:in `new_connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:325:in `checkout_new_connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:247:in `block (2 levels) in checkout'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:242:in `loop'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:242:in `block in checkout'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/2.0.0/monitor.rb:211:in `mon_synchronize'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:239:in `checkout'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:102:in `block in connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/2.0.0/monitor.rb:211:in `mon_synchronize'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:101:in `connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:410:in `retrieve_connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/composite_primary_keys-5.0.13/lib/composite_primary_keys/connection_adapters/abstract/connection_specification_changes.rb:47:in `retrieve_connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/composite_primary_keys-5.0.13/lib/composite_primary_keys/connection_adapters/abstract/connection_specification_changes.rb:29:in `connection'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activerecord-3.2.13/lib/active_record/railtie.rb:88:in `block in <class:Railtie>'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/initializable.rb:30:in `instance_exec'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/initializable.rb:30:in `run'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/initializable.rb:55:in `block in run_initializers'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/initializable.rb:54:in `each'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/initializable.rb:54:in `run_initializers'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/application.rb:136:in `initialize!'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/railties-3.2.13/lib/rails/railtie/configurable.rb:30:in `method_missing'
00:02:22 web.1  |   from /vagrant/config/environment.rb:5:in `<top (required)>'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activesupport-3.2.13/lib/active_support/dependencies.rb:251:in `require'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activesupport-3.2.13/lib/active_support/dependencies.rb:251:in `block in require'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activesupport-3.2.13/lib/active_support/dependencies.rb:236:in `load_dependency'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/activesupport-3.2.13/lib/active_support/dependencies.rb:251:in `require'
00:02:22 web.1  |   from config.ru:4:in `block in <main>'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/rack-1.4.5/lib/rack/builder.rb:51:in `instance_eval'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/rack-1.4.5/lib/rack/builder.rb:51:in `initialize'
00:02:22 web.1  |   from config.ru:1:in `new'
00:02:22 web.1  |   from config.ru:1:in `<main>'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/unicorn-4.6.3/lib/unicorn.rb:48:in `eval'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/unicorn-4.6.3/lib/unicorn.rb:48:in `block in builder'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/unicorn-4.6.3/lib/unicorn/http_server.rb:722:in `call'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/unicorn-4.6.3/lib/unicorn/http_server.rb:722:in `build_app!'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/unicorn-4.6.3/lib/unicorn/http_server.rb:140:in `start'
00:02:22 web.1  |   from /opt/ruby/lib/ruby/gems/2.0.0/gems/unicorn-4.6.3/bin/unicorn:126:in `<top (required)>'
00:02:22 web.1  |   from /opt/ruby/bin/unicorn:23:in `load'
00:02:22 web.1  |   from /opt/ruby/bin/unicorn:23:in `<main>'
00:02:22 web.1  | exited with code 1

---

这个配置可以在我的Mac上运行，但不能在Ubuntu虚拟机上运行。我还尝试添加了sslmode:require，但也没有帮助。

关键错误部分是：

致命：主机“207.172.212.123”、用户“user”、数据库“database”没有pg_hba.conf条目，SSL关闭

这表明您没有尝试建立SSL连接。您需要明确地告诉

libpq

（Pg gem和Rails使用它来连接PostgreSQL），您需要SSL连接，方法是找到将

sslmode

参数传递到

libpq

的方法，其值为

require

建议将Pg gem修改为自动协商SSL。所以猜测一下，你的Mac电脑上的版本比你的Ubuntu盒子上的版本要新。对于旧版本，似乎没有简单的方法来指定需要SSL，但是根据文章的第一个答案，可以使用带有

SSL=true

的连接字符串的JDBC URL格式来解决这个问题，但这有点难看

您的评论表明您的Pg gem没有将

sslmode

理解为

database.yml

中的一个选项，而默默地忽略了它

在这种情况下，我会尝试使用一个字符串：

 adapter: postgresql
 database: "dbname=database host=207.172.212.123 user=user sslmode=require"
 ...

一般来说，您可以在任何可以使用

libpq

放置数据库名称的地方提供connstring。如果这样做，您应该在

数据库.yml中省去
用户
、
主机
等键。我还没有用Rails测试过它，但这种方法适用于大多数情况

或者，您可以将Pg gem更新为正确支持SSL的Pg gem。它看起来像一个连接选项

更新：

事实证明，Ubuntu box上的
libpq
不支持SSL。
@CraigRinger本文档似乎更关注服务器端需求，而不是客户端需求。我正在连接一个通过Heroku托管的数据库，它在我的Mac上使用SSL工作，而不是Ubuntu。有没有想过为什么Ubuntu服务器的客户端不会使用SSL连接？啊，好的。通常的问题是人们没有配置SSL服务器端。如果你在使用Heroku，这不是问题（你在任何地方都没有提到，只有“ubuntu服务器”，这表明你是Pg的自宿主）。@CraigRinger我更新了问题，使之更清楚。问题在第一行。这与Ruby、gems或Rails无关。您的Postgres服务器正在拒绝连接。我没有答案，但这与Postgres权限有关。我将尝试对database.yml进行更改，但这两个设置都使用pg gem的0.17.1版本，如Gemfile.lock中指定的，它们都共享该文件。@ChrisJackson，这使事情更有趣。libpq中不同的编译时默认值？Ubuntu盒上的libpq支持SSL吗？请尝试
psql“dbname=database host=207.172.212.123 user=user sslmode=require”
（对真实细节进行了适当的更改）。这里可能有一些问题，我从Ubuntu服务器上得到了以下信息：“psql:sslmode value”require“未编译SSL支持时无效”。但是，来自我的Mac的同一个命令成功连接，这就是区别因素。好的，运行这些命令可以正常工作：sudo add apt repository ppa:pitti/postgresql sudo apt get update sudo apt get install postgresql-9.2-y@ChrisJackson所以这是一个构建问题。总的来说，我建议使用来自而不是一些随机PPA的PostgreSQL包，但很高兴您已经开始使用了。
 adapter: postgresql
 database: "dbname=database host=207.172.212.123 user=user sslmode=require"
 ...