Encrypting traffic with the built-in PostgreSQL Database

Enabling SSL (Step 3 of 5)

Now that the certificate and key files have been created, we need to tell PostgreSQL to use them.

The first file we need to edit is postgresql.conf. Open the file in a text editor and look for the line:

#ssl = off # (change requires restart)

and change it to

ssl = on # (change requires restart)

Also, uncomment the next line so it reads:

ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers

Save the changes.

The next file we need to edit is pg_hba.conf. Near the bottom, you should see this line:

host all all 0.0.0.0/0 md5

Note: You may see "password" instead of "md5". If so, we recommend you change it to "md5" for all entries since it is a little more secure.

Immediately above that line, enter a new line that looks like this:

hostssl all all 0.0.0.0/0 md5

Save the changes, then restart the PostgreSQL service. In EventSentry, the service for the built-in database is named "EventSentry Database".
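One way to check both edited files before restarting the service, as an added example (not part of the original page or of EventSentry or PostgreSQL tooling): the function names and the sample file contents are constructed for illustration. It also reports plain `host` rules, because a `host` line matches both SSL and non-SSL TCP connections, so the original line still admits unencrypted clients.

```python
import re

TRUE_VALUES = {"on", "true", "yes", "1"}

def ssl_enabled(postgresql_conf):
    """Return True if the last uncommented 'ssl' line in postgresql.conf turns SSL on."""
    value = "off"  # a commented-out line leaves the server default in effect
    for raw in postgresql_conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"ssl(?:\s*=\s*|\s+)'?(\w+)'?$", line, re.IGNORECASE)
        if m:
            value = m.group(1).lower()
    return value in TRUE_VALUES

def audit_hba(pg_hba_conf):
    """Return (line_number, finding) pairs for TCP rules worth a second look."""
    findings = []
    for number, raw in enumerate(pg_hba_conf.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or fields[0] not in ("host", "hostssl", "hostnossl"):
            continue  # blank, comment, or "local" (non-TCP) rule
        # The address is either CIDR (one field) or IP plus a dotted netmask (two).
        has_mask = len(fields) > 5 and re.fullmatch(r"[\d.]+", fields[4])
        method = fields[5] if has_mask else fields[4]
        if fields[0] != "hostssl":
            findings.append((number, "allows-non-ssl"))
        if method == "password":
            findings.append((number, "cleartext-password-auth"))
    return findings

# Constructed samples mirroring the files after the edits in this step.
SAMPLE_POSTGRESQL_CONF = """\
#ssl = off # (change requires restart)
ssl = on # (change requires restart)
ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers
"""
SAMPLE_PG_HBA_CONF = """\
# TYPE DATABASE USER ADDRESS METHOD
hostssl all all 0.0.0.0/0 md5
host all all 0.0.0.0/0 md5
host all all 127.0.0.1 255.255.255.255 password
"""

if __name__ == "__main__":
    print("ssl enabled:", ssl_enabled(SAMPLE_POSTGRESQL_CONF))
    for number, finding in audit_hba(SAMPLE_PG_HBA_CONF):
        print(f"pg_hba.conf line {number}: {finding}")
```

To run it against the real files, pass their contents (read with `open(...).read()`) to the two functions in place of the samples.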



  • Updated on: 2014-07-13
  • Skill Level: Intermediate