Ensure that local trust authentication, is not configured the vRealize Automation appliance PostgreSQL database. This configuration allows any local user, including the database super user, to connect as any PostgreSQL user without a password.

Note:

The Postgres super user account should remain as local trust.

The md5 authentication method is recommended because it sends encrypted passwords.

The client authentication configuration settings reside in the /storage/db/pgdata/pg_hba.conf file.

# TYPE  DATABASE        USER               ADDRESS          METHOD

# "local" is for Unix domain socket connections only
local      all              postgres                            trust
# IPv4 local connections:
#host    all              all                127.0.0.1/32     md5
hostssl    all              all                127.0.0.1/32     md5
# IPv6 local connections:
#host    all              all                ::1/128          md5
hostssl    all              all                ::1/128          md5

# Allow remote connections for VCAC user.
#host    vcac             vcac               0.0.0.0/0        md5
hostssl    vcac             vcac               0.0.0.0/0        md5
hostssl    vcac             vcac               ::0/0        md5
# Allow remote connections for VCAC replication user.
#host    vcac             vcac_replication   0.0.0.0/0        md5
hostssl    vcac          vcac_replication   0.0.0.0/0        md5
hostssl    vcac          vcac_replication   ::0/0        md5
# Allow replication connections by a user with the replication privilege.
#host    replication      vcac_replication   0.0.0.0/0        md5
hostssl    replication      vcac_replication   0.0.0.0/0        md5
hostssl    replication      vcac_replication   ::0/0        md5

If you edit the pg_hba.conf file, you must restart the Postgres server by running the following commands before changes can take effect.

# cd /opt/vmware/vpostgres/9.2/bin
# su postgres 
# ./pg_ctl restart –D /storage/db/pgdata/ -m fast