Note: you can also use pgadmin as described in the Windows setup to make these changes if you prefer.
Another was to get the key config parameters is to use pgtune and paste the results at the bottom of the postgresql.conf file (don't forget to add ssl=on and Bonjour=on to the results).
1. |
You will need to start by changing to the postgres user in Terminal. To do this, start Terminal and type
su - postgres enter the password |
||||||||||||||||
2. | Go to the Postgres data directory by typing
cd data |
||||||||||||||||
3. |
This will use VI to edit it. Type when the list appears, type to go into insert mode and use the up and down arrows to find the options below
Find and edit the parameters in the list below and change them to the suggested values, if they are not already set to that value.
For any setting that is about disk space or memory, you can type 1GB, 1000MB, or 1000000KB - they are all equivalent. Do not leave a space between the number and the memory amount at the GB, MB or KB; otherwise, Postgres will not start. |
||||||||||||||||
4. |
use pgtune to get some optimized parameters for your machine and replace the values below. It is probably better to append the results from pgtune at the end and filling any missing settings at the bottom.
Reference for postgres.conf file parameters https://www.postgresql.org/docs/current/static/runtime-config.html |
||||||||||||||||
5. | Once the changes are made, type, in this order:
hit the ' ' key(the insert mode will disappear) (the window will show the 'Entering EX mode' message) and the window will clear and you will be back at terminal |
It is generally best to create your own certificate. It takes about 30 seconds to do, and has the advantage that the certificate is unique to your database.
Start a terminal session, type the following 2 commands, and then follow the instructions as prompted. You can copy/paste the command.
cd /Users/Shared openssl req -newkey rsa:4096 -nodes -keyout server.key -x509 -days 365 -out server.crt |
Answer all the questions you are asked and when done, find the files in the /Users/Shared directory called:
We have created a 4094 bit TLS certificate and included it with the installer. While it is better to create your own, if you need one fast to get started, you can use ours and create your own later (per the step above).
Go to the /Users/Shared folder and find the files called:
You will need to copy the files to the Postgres User directory as the postgres user. Do the following commands in Terminal:
su - postgres (and enter the password when asked)
cd data pwd |
Make sure the results of the pwd command says that the directory is /Library/PostgreSQL/x/data where 'x' is the version of PostgreSQL you have installed. It if does not, do not go any further. and call for assistance. |
cp /Users/Shared/server.crt server.crt cp /Users/Shared/server.key server.key chown postgres:daemon server.* chmod 600 server.* ls -la |
In the listing, the two files should now be in the postgres data directory and all that needs to occur is to stop and restart the database.
pg_ctl stop -m fast pg_ctl start |