Passing ssl certificates paths to PostgreSQL ODBC driver - postgresql

I'm attempting to connect to a Postgres database that requires the client pass the paths to client and server SSL certificates using the ODBC driver for postgres. I'm using psqlodbc v11 x86 on Windows 10. I need to have three options passed to the ODBC driver sslrootcert, sslcert, and sslkey. I know that the paths are not being passed by the odbc driver since when I connect using the following connection string where I specify the pqopts it is able to connect.
Driver={PostgreSQL UNICODE};Server=XXXX;Port=5432;Database=XXXX;Uid=XXXX;Pwd=XXX;sslmode=verify-ca;pqopt={sslrootcert=C:\\ssl\\pgSQL.ca.cert sslcert=C:\\ssl\\pgSQL.cert sslkey=C:\\ssl\\pgSQL.key}
According to the document section
Advanced Options 3/3 Dialog Box->Libpq parameters, I should be able to pass the parameters by typing the values within the braces directly into the text box. It displays the error message saying that it cannot find the certificate because it is looking in the default location and is not using the value that was provided in the Libpq text box. Am I doing something wrong? Any advise on how to connect passing client certificates would be greatly appreciated.

Answering this in case anyone else finds this useful. The problem seems to be that the Test button on the ODBC Driver doesn't take the options set in the libpq parameters into account and just uses the default settings. When I saved the ODBC connection closed the ODBC Data Source Administrator window and used the connection from a different program it was able to connect successfully.

Related

Mongosqld runs fine, but ODBC fails on test and PowerBI throws error 10060. Connector not working. Windows to two seperate RHEL Servers

The Goal
I need to get data from a MongoDB updated every 15 minutes to use to build into a PowerBI report.
The Gear
I am connected from my windows machine via ssh to an RHEL server (server a). This server is running powerbi connector (SQLD) which is connected to my MongoDB that is running on a different server (server b). I'm also running MySQL on server b. My powerBI connector is installed on server b.
Exactly where I'm at
I am using the steps listed here (and all the associated pages) and have tried everything listed short of writing a config file, as the fact that things are working on mongosqld's end makes me think I don't need it... and if I can't get it working manually, having a config file won't exactly help.
https://docs.mongodb.com/bi-connector/current/connect/powerbi/
Using:
mongosqld --mongo-uri="mongodb://10.xxx.xxx.xx" --auth --mongo-username="ThisGuy" --mongo-password="test"
I successfully map the schema and show an active connection in the command window. I can also access my database from compass using an authorization enabled URL.
When I set up an ODBC connector I use the IP of server a, the user and password from my url, and port 3307. Nothing shows up in the dropdown, when I click 'test' I get the following message:
Connection Failed
[MongoDB][ODBC 1.4(w) Driver]Can't connect to MySQL server4 on '10.xxx.xxx.xxx' (10060)
I have also tried 3306, 27017, and 27015. Just to be safe I also added firewall rules for all traffic on these ports. I've tried this many times, including (just for the hell of it, and I'm kind of new to this stuff) the ip of server b, the ip of my machine, the credentials for MySQL, basically any combination of these things that I can think of.
In powerBI, my odbc driver shows up, and when selected in the dropdown, it asks for a username and password. I have tried both mongo credentials and MySQL. Not sure which I should be using?
regardless, I get the following error inside PowerBI:
Details: "ODBC: ERROR [HY000] [MySQL][ODBC 1.4(w) Driver]Can't connect to MySQL server on '10.xxx.xxx.xxx' (10061)
ERROR [HY000] [MySQL][ODBC 1.4(w) Driver]Can't connect to MySQL server on '10.xxx.xxx.xxx' (10061)"
Thoughts
I don't control either server, although I have root access, being new to this tech and company I am wary of screwing anything up that a co-worker will have to fix. I read in a different SO thread that maybe I need to downgrade the version of MySQL that is running on the server and that it could fix the problem, but I don't think that it will actually help and am afraid I might screw up something else on the server if I do this:
The C Authentication plugin was developed against MySQL 5.7.18 Community Edition (64-bit), and tested with MySQL 5.7.18 Community Edition and the latest version of MongoDB Connector for BI. The plugin is not compatible with MySQL Server or Connector/ODBC driver version 8 and later.
https://dba.stackexchange.com/questions/219550/access-denied-when-connecting-to-mongosqld-with-mysql
Maybe the problem is that server B is listening to server a on port 3307, and that there is another unknown port (not mentioned above) that my ODBC driver must be listening to? I'm not sure how to test for this when you get a step away like this.
So that's it. I'm really stuck and would love some help, I am going to try the downgrade tomorrow if nothing else shakes loose and will keep this thread updated.
Thank you for reading

DNS ODBC Driver configuration for SSH RDS

I´d like to know if it is possible to connect to my rds database from my local machine (windows) using windows odbc data source. My problem is that I use SSH and i don´t know how can I input the parameters in odbc data source. I need this type of connection because I want to access RDS via vba excel. My database is Postgresql.
If you have a publicly accessible database (not recommended by AWS) and your IP address is allowed, then the normal ODBC connection will work.
By the sound of your setup, you have a private database. In which case, your options are:
Use a different ODBC driver that supports tunnelling.
Devart (https://www.devart.com/odbc/postgresql/) and Cdata (https://cdn.cdata.com/help/FPG/odbc/RSBPostgresql_c_SSH.htm) both have ODBC drivers that support SSH tunnelling.
Neither are free.
Use a VPN and point your driver at localhost

SQL Developer missing a library

I'm fairly new to Oracle SQL developer. As I'm trying to make a new connection via TNS, I'm getting this error down below which I've been looking to solve for a while fruitlessly.
Error Message:
Statut : échec -Echec du test : no ocijdbc18 in java.library.path
Assuming MySQL is a typo (You are using port 1521, which is the default port for Oracle database, also its giving you ODBC error, so I assume its an Oracle database. Remember that you can connect SQL developer to a MySQL database, so please clarify if you want to connect to a MySQL database rather than Oracle) your problem is due to lack of Oracle Data Base Connector driver (ODBC). From this link download the latest version of Oracle Instant client and install it on your machine. Then define ORACLE_HOME to the path of Instant client installation (To the actual installation folder, the one that contains folders like bin, network and so on) and restart SQL Developer, then you should be good to go.
P.S. : as #thatjeffsmith has mentioned correctly in the comments, it's not necessary to have Oracle Client and/or ODBC (or similar) drivers in order to connect to an Oracle database. Using basic as the connection type and adding the correct connection info would suffice. This Article in Oracle Magazine has extensively talked about the different connection types.

How do I connect to an AWS PostgreSQL RDS instance using SSL and the sslrootcert parameter from a Windows environment?

We have a Windows EC2 instance on which we are running a custom command line application (C# console app using NpgSQL) to connect to a PostgreSQL RDS instance. Based on the instructions here:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.SSL
we created a new DB parameter group with rds.force_ssl set to 1 and rebooted our RDS instance. We also downloaded and imported to Windows the pem file referenced on the page.
I was able to connect to the RDS instance from my Windows EC2 instance via pgAdmin by specifying SSL mode as Verify-Full. Our command-line application reads connection strings from a file and they look like this now that I've added the sslmode parameter:
Server=OurInstanceAddress;Port=5432;SearchPath='$user,public,topology';Database=OurDatabase;User Id=username;Password=mypassword;sslmode=verify-full;
Using this connection string failed with the error referenced at the bottom of the page:
FATAL: no pg_hba.conf entry for host "host.ip", user "someuser", database "postgres", SSL off
I tried adding the sslrootcert parameter, but I'm not sure if I'm dealing with it properly. I tried using the example (sslrootcert=rds-ssl-ca-cert.pem) and I tried using the name of the pem that I downloaded. I feel like there is something about the path information that I'm giving to the sslrootcert parameter that isn't right, especially in a Windows environment. I've tried using the name, I've tried using the following paths:
- sslrootcert=C:\keys\rds-combined-ca-bundle.pem - single backslash
- sslrootcert=C:\\\keys\\\rds-combined-ca-bundle.pem - double backslash
- sslrootcert=C:/keys/rds-combined-ca-bundle.pem - Linux style backslash
All of these produced the same error mentioned above.
Any insight would be appreciated.
I solved it using the environment variables instead for specifiying cert paths in connection url
-DPGSSLROOTCERT=/certs/root.crt
-DPGSSLKEY=/certs/amazon-postgresql.key
-PGSSLCERT=/certs/amazon-postgresql.crt
Although I'm in cygwin. There are some hints in the documentation when using windows here https://www.postgresql.org/docs/9.0/static/libpq-ssl.html

How does ODBC pull database connection details?

I currently have a Macro which is connecting to a sybase database using ODBC. It's making the connection by running the following:
Set conX = wrkODBC.OpenConnection("Connection1", , True, strConn)
where strConn = "ODBC;DSN=Server_Name;APP=Daily Task;DB=db_name;UID=uname;PWD=pwd;"
The problem I am having is that this connection is working for some Server_Name's but not others. When it doesn't work I get a Error "3146 - ODBC--call failed".
What I don't understand is where it is pulling the server details from. So for example, when using embarcadero rapid to connect to a sybase database, it will use the sql.ini file to pull the server connection details based on the server_name.
I have checked and all the Sybase Servers I am testing are in the sql.ini file and my env variables are pointing to the correct sybase version. I've checked ODBC and it is only picking up a SQL Server driver.
Can anyone please explain how ODBC pulls the server name connection details? I don't understand why it works for some server names, but not others (FYI, I have tested the uname and pwd is rapid to make sure it is correct).
Any information would be much appreciated.
So, the issue was that I was looking at my odbc connections under control panel. I should mention that I am on windows 7. What I had to do was update my ODBC connection details here:
C:/Windows/SYSWOW64/odbcad32.exe
--This is for 32bit!
This had some connections set up which is why I could connect to some servers but not all of them.