Comment 21 for bug 225125

A possible solution to the impossibility to launch postgres : you should check that the postgres user is still a member of the sss-cert group. I botched the group membership by mistake and wasn't able to launch the server with the same error as above.

Restoring the right membership solved the issue (sudo usermod -aG ssl-cert postgres)

As for the permissions on the key, I have this :
root@endor:/var/lib/postgresql/8.3/main# ls -l server*
lrwxrwxrwx 1 root root 36 2008-10-10 15:15 server.crt -> /etc/ssl/certs/ssl-cert-snakeoil.pem
lrwxrwxrwx 1 root root 38 2008-10-10 15:15 server.key -> /etc/ssl/private/ssl-cert-snakeoil.key

and this :
root@endor:/etc/ssl/private# ls -l
total 4
-rw-r----- 1 root ssl-cert 887 2008-10-10 14:53 ssl-cert-snakeoil.key

So it seems that the key is not rw to the world but the symbolic link is. I'm not good enought to know if that is an issue, unfortunately.