We Keep Coding

mix ecto.create fails (** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification) Ident authentication failed for user "postgres)

11:06:04.676 [error] GenServer #PID<0.290.0> terminating
** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification) Ident authentication failed for user "postgres"
(db_connection 2.4.1) lib/db_connection/connection.ex:100: DBConnection.Connection.connect/2
(connection 1.1.0) lib/connection.ex:622: Connection.enter_connect/5
(stdlib 3.17) proc_lib.erl:226: :proc_lib.init_p_do_apply/3
Last message: nil
State: Postgrex.Protocol
11:06:04.695 [error] GenServer #PID<0.297.0> terminating
** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification) Ident authentication failed for user "postgres"
(db_connection 2.4.1) lib/db_connection/connection.ex:100: DBConnection.Connection.connect/2
(connection 1.1.0) lib/connection.ex:622: Connection.enter_connect/5
(stdlib 3.17) proc_lib.erl:226: :proc_lib.init_p_do_apply/3
Last message: nil
State: Postgrex.Protocol
** (Mix) The database for Helloworld.Repo couldn't be created: killed
I already tried everything. I am on Fedora 35, i did all that the official Fedora PostgreSQL docs said. I changed the pg_hba.conf for this:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
I setted a password for the user postgres, i initialize it, and nothing happens.
I browsed through some 10 questions here on StackOverflow and none of the solutions works.
Any help?

Simply replace ident with md5 in pg_hba.conf and reload PostgreSQL, then you can use password authentication for localhost connections.

RDS PostgreSQL - too may connections for database "db_name"

I'm getting too many connections for database error. But there's only 6 active connections to the entire Postgres RDS Server.
Npgsql.PostgresException (0x80004005): 53300: too many connections for
database "db_name"
Max Connections: 300
Active Connections: 6
SELECT * FROM pg_stat_activity where datname = 'dbname'; is getting empty

PgPool-II backend authentication failed

I'm trying to configure pgpool as the load balancer for my Postgres cluster.
I have two postgres nodes, 1 master and 1 slave.
My pg_hba.conf looks like
hostssl user mydb 1.1.1.1/32 md5
hostssl user postgres 1.1.1.1/32 md5
host user mydb 1.1.1.1/32 md5
host user postgres 1.1.1.1/32 md5
where 1.1.1.1/32 is my actual pgpool server IP.
If I try to establish a connection to ether master or slave using psql right from the pgpool container, I can do it without any problems.
But when I start pgpool I got this error message:
2021-10-26 13:50:13: pid 753: ERROR: backend authentication failed
2021-10-26 13:50:13: pid 753: DETAIL: backend response with kind 'E' when expecting 'R'
2021-10-26 13:50:13: pid 753: HINT: This issue can be caused by version mismatch (current version 3)
2021-10-26 13:50:13: pid 736: ERROR: backend authentication failed
2021-10-26 13:50:13: pid 736: DETAIL: backend response with kind 'E' when expecting 'R'
2021-10-26 13:50:13: pid 736: HINT: This issue can be caused by version mismatch (current version 2)
If I edit pool_passwd file and set some invalid password I got a proper error
2021-10-26 13:59:03: pid 736: ERROR: md5 authentication failed
2021-10-26 13:59:03: pid 736: DETAIL: password does not match
So I guess that's not a problem with my postgres credentials.
Any ideas?

Docbase could not connect to the database error in documentum content server installation

While I am installing Documentum content server on AWS EKS, I am receiving this Error.
Postgress DB is installed on EC2 VM.
14:20:47,013 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerModifyDocbaseDirectory
- The installer will create the folder structure for repository postgres. 14:20:47,021 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerPasswordFileGenerator
- The installer is generating database password file... 14:20:47,111 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerIniGenerator
- The installer will create server.in file for repository postgres. 14:20:47,152 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCreateTableSpaceScriptGenerator
- The installer will create scripts to for Postgresql Database. 14:20:47,152 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCreateTableSpaceScriptGenerator
- The URL is jar:file:/tmp/install.dir.208/InstallerData/installer.zip!/dm_CreateTableSpace.sql 14:20:47,209 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCopyDeleteTableSpaceScript
- The installer will move file /opt/dctm/dba/config/postgres/dm_DeleteTableSpace.sql to a new location /opt/dctm/server_uninstall/delete_db/postgres/dm_DeleteTableSpace.sql. 14:20:47,214 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCreateTableSpace
- The installer is executing the : Creating the database script. 14:20:47,355 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerWebCacheIniGenerator
- The installer will create webcache.ini file for the repository. 14:20:47,394 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerTestServerIni
- The installer is testing the database connection information 14:20:47,395 INFO [main] com.documentum.install.server.common.services.db.DiServerPostgresqlServer
- The installer is validating the database connection information in the server.ini file. 14:20:47,563 ERROR [main] com.documentum.install.server.installanywhere.actions.DiWAServerTestServerIni
- Docbase could not connect to the database. Please check output file for more information: /tmp/291406.tmp/DBTestResult18051870723865753931.tmp com.documentum.install.shared.common.error.DiException: Docbase could not connect to the database. Please check output file for more information: /tmp/291406.tmp/DBTestResult18051870723865753931.tmp
This is log of dm_CreateTableSpace.out
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:1: ERROR: role "postgres" already exists
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:3: ERROR: zero-length delimited identifier at or near """"
LINE 1: GRANT "postgres" TO "";
^
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:6: ERROR: database "dm_postgres_docbase" already exists
ALTER DATABASE
GRANT
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:9: ERROR: zero-length delimited identifier at or near """"
LINE 1: REVOKE "postgres" FROM "";
^
You are now connected to database "dm_postgres_docbase" as user "postgres".
CREATE SCHEMA
SET
GRANT
GRANT
GRANT
I don't understand how to make it working.
Even I am facing issues with Postgres RDS Instant i.e.
GRANT "postgres" TO ""
The log is getting generated on PostgreSQL ec2 instance
2021-07-20 11:53:46.434 UTC [7854] dctm#dm_dctm_docbase FATAL:
password authentication fail
ed for user "dctm" 2021-07-20 11:53:46.434 UTC [7854]
dctm#dm_dctm_docbase DETAIL: Role "dctm" does not exist.
Connection matched pg_hba.conf line 99: "host all all 172
.16.0.0/16 md5" 2021-07-20 11:53:46.436 UTC [7855]
dctm#dm_dctm_docbase FATAL: password authentication fail
ed for user "dctm" 2021-07-20 11:53:46.436 UTC [7855]
dctm#dm_dctm_docbase DETAIL: Role "dctm" does not exist.
Connection matched pg_hba.conf line 99: "host all all 172
.16.0.0/16 md5" 2021-07-20 11:53:49.056 UTC [7857]
postgres#postgres ERROR: zero-length delimited identifie
r at or near """" at character 17 2021-07-20 11:53:49.056 UTC [7857]
postgres#postgres STATEMENT: GRANT "dctm" TO ""; 2021-07-20
11:53:49.145 UTC [7857] postgres#postgres ERROR: zero-length
delimited identifie
r at or near """" at character 20 2021-07-20 11:53:49.145 UTC [7857]
postgres#postgres STATEMENT: REVOKE "dctm" FROM ""; password
authentication fail ed for user "dctm" 2021-07-20
11:53:46.434 UTC [7854] dctm#dm_dctm_docbase DETAIL: Role "dctm" does
not exist.
I am using PostgreSQL superuser login and is working fine with cli.
updated the value in heml chart i.e values.yaml for documentum : content-server.

Every time you try to re-run the install you should completely delete everything. It looks like Postgres has the tablespace already created and that's why the test is failing

PostgreSQL SSL Configuration

I have tried a lot but did't get exact knowledge to copy which files to client side
Getting error " Valid authentication certificate required"
Below is postgres DB server directory
total 80
skipping unwanted directory
-rw-------. 1 postgres postgres 1285 Feb 13 20:16 rootCA.crt
-rw-------. 1 postgres postgres 1168 Feb 13 20:16 server.crt
-rw-------. 1 postgres postgres 1679 Feb 13 20:17 server.key
Below is postgresql.conf file content related to SSL configuration.
[postgres#munmvs2951 raj]$ cat postgresql.conf | grep ssl
ssl = on # (change requires restart)
ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
#ssl_renegotiation_limit = 512MB # amount of data between renegotiations
ssl_cert_file = 'server.crt' # (change requires restart)
ssl_key_file = 'server.key' # (change requires restart)
ssl_ca_file = 'rootCA.crt' # (change requires restart)
#ssl_crl_file = '' # (change requires restart)
Below is the pg_hba file.
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres trust
#host replication postgres 127.0.0.1/32 trust
#host replication postgres ::1/128 trust
#secure client
hostssl postgres postgres clientip/32 md5 clientcert=1
Below is the client side PostgreSQL user home directory from where psql will connect to server.
[postgres#clinet ~]$ ll
total 32
-rw------- 1 postgres postgres 1168 Feb 15 10:27 client.crt
-rw------- 1 postgres postgres 989 Feb 15 10:27 client.csr
-rw------- 1 postgres postgres 1285 Feb 15 11:47 rootCA.crt
-rw------- 1 postgres postgres 1675 Feb 15 11:47 rootCA.key
-rw------- 1 postgres postgres 17 Feb 15 11:47 rootCA.srl
-rw------- 1 postgres postgres 1168 Feb 15 11:47 server.crt
-rw------- 1 postgres postgres 989 Feb 15 11:47 server.csr
-rw------- 1 postgres postgres 1679 Feb 15 11:47 server.key
[postgres#client ~]$ pwd
/home/postgres
when i going to connect, getting below error.
[postgres#client ~]$ /opt/PostgresPlus/9.4AS/bin/psql -U postgres -p5443 -hserverip
psql.bin: FATAL: connection requires a valid client certificate
FATAL: no pg_hba.conf entry for host "10.80.x.x", user "postgres", database "postgres", SSL off
However, I can access without clientcert=1 in pg_hba file.
Ref:
[postgres#client ~]$ /opt/PostgresPlus/9.4AS/bin/psql -U postgres -p5443 -hserverip
psql.bin (9.4.1.3)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
postgres=#
In above successful connection, i think ssl checking only at server side not client side.
but i want to know which files should i copy to PostgreSQL home directory #client side. to check certificate as per clientcert=1
Thanks for your help.

See https://www.postgresql.org/docs/current/libpq-ssl.html
Below is the client side PostgreSQL user home directory from where psql will connect to server
They do not belong in the home directory, they belong in a subdirectory of the home directory named .postgresql. Or in Windows, in a directory named "%APPDATA% \ postgresql". And file rootCA.crt has to be named root.crt, unless you have gone out of your way to change the name/location on the client side configuration, which it doesn't seem you have done (you have changed it on the server side, but that doesn't change it on the client side). And client.crt should be named postgresql.crt and you are missing the key file for it. And the fact that you have a file named rootCA.key in the client's directory is frightening, no one but the CA should have access to that.