Я использую Kong 10.x с хранилищем данных postgresql 9.6. Я хочу установить ssl-соединение между Конгом и его хранилищем данных postgresql. Но я получаю следующие ошибки:

Postgresql Ошибка:

LOG:  could not accept SSL connection: tlsv1 alert unknown ca

Ошибка из Конга:

/usr/local/share/lua/5.1/kong/cmd/migrations.lua:34: [postgres error] could not retrieve current migrations: [postgres error] connection refused

Ниже приведены мои конфигурации Kong и Postgresql:

Kong:

# Kong configuration file
# DATASTORE
database = postgres                
pg_host = 10.0.1.191
pg_port = 5432
pg_user = kong
pg_password = kong
pg_database = kong    
pg_ssl = on    
pg_ssl_verify = on

# DEVELOPMENT & MISCELLANEOUS
lua_ssl_trusted_certificate = /opt/postgres_ssl/postgresql.crt  # Absolute path to the certificate

Postgresql:

pg_hba.conf:

hostssl all         all    10.0.1.191/32             md5 clientcert=1

postgresql.conf:

listen_addresses = '10.0.1.191'
ssl_cert_file = 'server.crt'
ssl_key_file = 'server.key'
ssl_ca_file = 'root.crt'

Процедура генерации сертификата:

openssl genrsa -passout pass:mypass -des3 -out server.key 1024
openssl rsa -passin pass:mypass -in server.key -out server.key
chmod 400 server.key
openssl req -new -key server.key -days 3650 -out server.crt -x509 -subj '/C=IN/ST=Maharastra/L=Mumbai/O=Development/CN=10.0.1.191'
cp server.crt root.crt
openssl genrsa -passout pass:iotadmin -des3 -out postgresql.key 1024
openssl rsa -in postgresql.key -out postgresql.key -passin pass:mypass
openssl req -new -key postgresql.key -days 3650 -out postgresql.csr -subj '/C=IN/ST=Maharastra/L=Mumbai/O=Development/CN=kong'
openssl x509 -req -in postgresql.csr -CA root.crt -CAkey server.key -out postgresql.crt -CAcreateserial