org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry for host

45
votes

I am trying to connect to PostgreSQL database which is in remote location using Spring JDBC template. I am getting

org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry for host "139.126.243.71", user "guest", database "masterdb", SSL off error

I don't have access to pg_hba.conf file of the remote location.

This is the configuration I gave in my spring servlet.xml

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="org.postgresql.Driver"/>
    <property name="url" value="jdbc:postgresql://100.64.35.52":5432/masterdb"/>
    <property name="username" value="root"/>
    <property name="password" value="root"/>
</bean>

Can we solve the issue by giving any properties?

6
postgresql
At a guess, SSL is probably required. Try adding ?ssl=true to the JDBC URI.Craig Ringer
I tried by adding ?ssl=true to the JDBC URI but it still shows the same error. org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry for host "139.126.243.71", user "guest", database "masterdb", SSL onSilpa Bhatraju
If pg_hba.conf prevents connection to that database from your IP, then there is nothing you can do other than ask the admin to change pg_hba.conf Did you try to connect with simple psql program?nagylzs
what about mac with same issueSANTOSH

6 Answers

60
votes

It seems that DB server does not allow SSL off connection, You will have to enable it. Change URL from jdbc:postgresql://100.64.35.52":5432/masterdb to jdbc:postgresql://100.64.35.52":5432/masterdb?sslmode=require

Check mode details about ssl mode at http://www.postgresql.org/docs/9.1/static/libpq-ssl.html

32
votes

You must apply below changes to connect:

Navigate to the the following location C:\Program Files (maybe x86)\PostgreSQL\(your version)\data

postgresql.conf file:

check the listen_addresses be = * ( by default its localhost in some postgres versions) if it isn't you must change it to *. It's used to listen on all interfaces.

pg_hba.conf file:

add a new row : 

host all all 0.0.0.0/0 md5

( use of above row is better) or 

host guest masterdb 139.126.243.71 md5

And finally it's very important that the ssl mode is to be on. For this add below command in the end of your url:

?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory

In Terms of Bean as

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="org.postgresql.Driver"/>
    <property name="url" value="jdbc:postgresql://100.64.35.52":5432/masterdb?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory"/>
    <property name="username" value="root"/>
    <property name="password" value="root"/>
</bean>
5
votes

Error explanation

The file pg_hba.conf (host-based authentication configuration file) is used to control the client authentication. This file is located in the database cluster's data directory.

The error java.sql.SQLException: FATAL: no pg_hba.conf entry for host "<your-host-ip>", user "<postgres-user>", database "<db-name>", SSL off means that Postgres accepts SSL connections but your are trying to connect without SSL.

Secured connection

If a certificate is requested from the client during SSL connection startup, it means that the DBA has set the clientcert parameter in pg_hba.conf. Note that if clientcert is not specified (or set to 0), the server will NOT insist that a client certificate be presented.

Check if database server is using SSL

Before trying to access your SSL enabled server from Java, make sure that you can get to it via psql.

If you want to connect with a given user at a given port:

$ psql -h <server-ip> -p <server-port> -d <db-name> -U <user>

Or if you want to connect at the default port with your current user:

$ psql -h <server-ip>

You should see an such output if you have established a SSL connection:

$ psql -h <server-ip> -d <db-name> -U <user>
psql (11.2, Server 9.6.5)

SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)

Note that the last line contains 'SSL connection'.

JDBC connection parameters

  • ssl must be set if the server required a secured connection. Note that both ssl=true or ssl work but ssl=true is recommended for the coming future release of Postgres.
  • sslfactory provides the class name to use as the SSLSocketFactory when establishing a SSL connection.

The JDBC driver provdies an option to establish a SSL connection without doing any validation (but it's risky!).

A non-validating connection is established via a custom SSLSocketFactory class that is provided with the driver. Setting the connection URL parameter sslfactory=org.postgresql.ssl.NonValidatingFactory will turn off all SSL validation.

This was my case and why I also got the same error you had. So, to establish the connection I have:

jdbc:postgresql://<ip-address>:<port>/<db-name>?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory

References

3
votes

Combined settings

I tried the suggestions given by @craig-ringer

jdbc:postgresql://100.64.35.52":5432/masterdb?ssl=true

and given by @amit

jdbc:postgresql://100.64.35.52":5432/masterdb?sslmode=require

neither worked. But when I combined them to:

jdbc:postgresql://100.64.35.52":5432/masterdb?ssl=true&sslmode=require

It worked.

1
votes

See my answer here, basically had to put user/pwd in url property

url="jdbc:postgresql://server:port/mydb?user=fred&amp;password=secret"
0
votes

You must have root access edit pg_hba.conf.

  • goto root user
  • edit /var/lib/pgsql/12/data/pg_hba.conf

host all all 139.126.243.71/32 trust

  1. Restart Postgres [service postgresql-12.service restart].