[Qgis-developer] Working on Postgres provider PKI authentication support

Luigi Pirelli luipir at gmail.com
Mon Jan 11 11:08:18 PST 2016


I shared it also for this reason

I hope is well configured for the travis context... it's open to have
only ssl cert connection from every host.
It works till verify-ca but not vefiry-full because test server cert
is locked to "localhost" commonName only and docker instance use a
different ip.

enjoy these dockers and thanks to Time to share first ssl enabled
postgis docker.


Luigi Pirelli

**************************************************************************************************
* Boundless QGIS Support/Development: lpirelli AT boundlessgeo DOT com
* LinkedIn: https://www.linkedin.com/in/luigipirelli
* Stackexchange: http://gis.stackexchange.com/users/19667/luigi-pirelli
* GitHub: https://github.com/luipir
* Mastering QGIS:
https://www.packtpub.com/application-development/mastering-qgis
**************************************************************************************************


On 11 January 2016 at 19:58, Matthias Kuhn <matthias at opengis.ch> wrote:
> Hi Luigi,
>
> Would it make sense to start such a container on travis and run some
> checks against it from the test suite?
> This would allow for a very quick feedback if somebody cuts the wrong wire.
>
> Best regards,
> Matthias
>
> On 01/11/2016 07:43 PM, Luigi Pirelli wrote:
>> Hi SebDieBln (I've no your email)
>>
>> I'm working for Boundless to add PKI authentication to postgres
>> provider. I see you did some work on it:
>> https://github.com/qgis/QGIS/pull/2473
>>
>> This email is to share some instruments I did to allow a environmental
>> testing. I hope are useful for you and for all the community.
>>
>> I'm developing qgis patches here (<- sorry SebDieBln ;) )
>> https://github.com/luipir/qgis/tree/postgis-pki
>>
>> To allow a better testing env (integration test not unit test) I
>> prepared some docker data containers on the top of tim's
>> kartoza/postgis docker.
>> These containers allow to run a postgis container configured to accept
>> certified connections using test certs in:
>> https://github.com/qgis/QGIS/tree/master/tests/testdata/auth_system/certs_keys
>>
>> You can find this containers here (sorry again ;) )
>> https://github.com/luipir/Postgis-pki-datacontainers
>>
>> eventually you can use this container to setup a certified connection
>> for you db manager patches.
>>
>> Luigi Pirelli
>>
>> **************************************************************************************************
>> * Boundless QGIS Support/Development: lpirelli AT boundlessgeo DOT com
>> * LinkedIn: https://www.linkedin.com/in/luigipirelli
>> * Stackexchange: http://gis.stackexchange.com/users/19667/luigi-pirelli
>> * GitHub: https://github.com/luipir
>> * Mastering QGIS:
>> https://www.packtpub.com/application-development/mastering-qgis
>> **************************************************************************************************
>> _______________________________________________
>> Qgis-developer mailing list
>> Qgis-developer at lists.osgeo.org
>> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
>> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer
>
> --
> Matthias Kuhn
> OPENGIS.ch - https://www.opengis.ch
> Spatial • (Q)GIS • PostGIS • Open Source
>
>
>
> _______________________________________________
> Qgis-developer mailing list
> Qgis-developer at lists.osgeo.org
> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer


More information about the Qgis-developer mailing list