Configuring PostgreSQL

This additional integration describes how to configure a new PostgreSQL database system or updating an existing PostgreSQL database system for use with Validation Authority.

The instructions in this additional integration apply to PostgreSQL 8.4 version but the concepts are also applicable to PostgreSQL 9.x.

Configure the PostgreSQL Database

PostgreSQL must be compiled and installed on the server. There are a few steps required to use PostgreSQL for storing the Validation Authority database. PostgreSQL must be configured to allow TCP/IP connections from the machine where Validation Authority is running. Typically, this means that TCP/IP connections must be allowed from localhost (IP address 127.0.0.1). This requires small changes to two PostgreSQL configuration files. To make these changes, you must be a database owner (for example the postgres user, if available).

Perform the standard compilation and installation of the PostgreSQL binaries.
- If you are using a modern Linux installation, then PostgreSQL binaries will come pre-installed.
- If you are using other Linux platforms, then PostgreSQL can be compiled from sources from:
  
  http://www.postgresql.org/docs/current/static/install-getsource.html
Follow the instructions in th e source package to compile and install PostgreSQL with standard configuration settings.
You can locate the two configuration files to change in the following directory (if yours is a typical location): /var/lib/pgsql/data/.

If this directory is empty, and you haven’t run PostgreSQL on this machine, then you must run the following command:
Copy
```
initdb -D /var/lib/pgsql/data/
```
To instruct PostgreSQL to listen for TCP/IP connections from external software applications:

For PostgreSQL version 8, edit the first configuration file, postgresql.conf, so that it contains the following line:
Copy
```
tcpip_socket = true
```
For PostgreSQL version 9, edit the first configuration file, postgresql.conf, so that it contains the following line:
Copy
```
listen_address = '*'
```
Edit the second configuration file pg_hba.conf. This file must be modified to specify which users and hosts may make TCP/IP connections to this system. Place the following line at the end of the pg_hba.conf file:
Copy
```
host all all 127.0.0.1 255.255.255.255 password
host all all ::/0 trust
host all all <network/mask> trust
```
This line allows password-based TCP/IP connections to PostgreSQL database accounts from programs running on the same machine.
Restart the PostgreSQL server process, if it is running.

On Linux, first ensure that the server is stopped by running this command (as root):
Copy
```
> /etc/init.d/postgresql stop
If it is running, then you will see:
Stopping postgresql service: [ OK ]
```
Next, start the server:
Copy
```
> /etc/init.d/postgresql start
```
You will see:

Starting postgresql service: [ OK ]

Note: HID Global recommends that you create a new PostgreSQL user name and password as well as a database instance to contain the data. This prevents any conflicts with other programs that use PostgreSQL.

The following steps assume that a PostgreSQL account named rtc and a database instance named rtc have been created.
Execute the following PostgreSQL command. Typically, this command would be run from the special 'postgres' system account:
Copy
```
> createuser --createdb --no-adduser --pwprompt rtc
Enter password for new role:
Enter it again:
```
Create an rtc database instance that is owned by the rtc user:
Copy
```
> createdb --username rtc --host localhost rtc
```
On Linux systems, the PostgreSQL database server can be configured to automatically start when the machine boots. This ensures that it is available whenever the machine is on. Typically, this is done by editing the initialization scripts in the /etc directory.

On a current Linux system, you can enable PostgreSQL for automatic restart by executing these commands (as root):
Copy
```
> cd /etc/rc3.d/
> rm K15postgresql
> ln -s ../init.d/postgresql S15postgresql
```
Once PostgreSQL has been installed and started, use the Validation Authority Configuration interface to configure Validation Authority for use with PostgreSQL. Now, you can configure the database parameters by running the Validation Authority Configuration on the server that hosts Validation Authority that will use this PostgreSQL database. For details, see the following section.

Configure Validation Authority Database Parameters

After you have installed and configured the PostgreSQL database, you must configure the Validation Authority software to use that database, as originally described in section Start Validation Authority Configuration.

Select PostgreSQL from the Vendor drop-down list. Enter the following for each field:
- Host: localhost
- Port: 5432
- Database: rtc
- Username: rtc
- Password: The password you provided in the previous section, refer to step 6.
Continue with the remaining Validation Authority configuration steps as described in sections Configure Validation Authority for Automatic Start-Up and Shut Down for Windows and Configure Validation Authority for Automatic Start-Up and Shut Down for Linux.