In order for the databases to be accessible to all Secure Messaging Gateway servers, Postgres must be configured to allow remote connections.
Configure Postgres to allow remote connections.
To configure Postgres to allow remote connections a file must be modified.
NOTE:The file must be modified as root user.
The file which must be modified is: (replace the 9.x directory with the running version of Postgres. Likely 9.5)
As the root user, open the pg_hba.conf file with the preferred editor and locate the line: # IPv4 local connections:
host all all 127.0.0.1/32 md5
This line only specifies connections from the localhost. Add new connection addresses to this line to allow for multiple and remote connections.
Modify the line to make it look similar to this:
# IPv4 local connections: host all all 127.0.0.1/32 md5 host all all 10.1.29.0/24 md5
Determine and set allowed connection addresses.
Modifying the pg_hba_conf file correctly requires that the IP addresses of the remaining Secure Messaging Gateway servers are known. The addresses may be specified individually or they may be specified in a range.
For example, the above specified address setting of â10.1.29.0/24â will allow connections from any address of 10.1.29.x.
If a subnet of addresses is desired, it may also be specified as such:
10.0.0.0/8 Will allow any connection from addresses 10.x.x.x
172.16.0.0/16 Will allow any connection from addresses 172.16.x.x
192.168.1.0/24 Will allow any connection from addresses 192.168.1.x
Or if a specific IP is to be specified: 192.168.1.20/32
Once the file has been modified to allow connections from the desired addresses, save the file.
Postgres must be restarted to load the new configuration. Once Postgres has been restarted, the rest of the Secure Messaging Gateway servers may be deployed and initialized.
With Postgres now configured to allow multiple connections, the initialization of the rest of the Secure Messaging Gateway servers may be completed. Make sure that the address for the newly configured Postgres server is used for configuring the remaining servers