[pgpool-general: 276] Re: Authentication help?

[Matt Wise]

PGPoolII 3.1.2, and here's the errors:

Mar  8 17:26:15 xxx pgpool: LOG:   pid 11532: connection received: host=127.0.0.1 port=49590
Mar  8 17:26:15 xxx pgpool: ERROR: pid 11532: pool_ssl: Loading SSL certificate: No such file or directory
Mar  8 17:26:15 xxx pgpool: LOG:   pid 11532: pool_do_auth: maybe protocol version mismatch (current version 3)

That middle-error is fine because we dont want PGPool actually offering SSL to its clients (we handle that with stunnel), but we do use SSL on the backend connections to the DB. 

—Matt


On Mar 8, 2012, at 2:39 PM, Tatsuo Ishii wrote:

>> Hey I'm working on a new PGPool setup for our PG 9.1 environment. Right now we have 1 master server and 3 slaves. I've got PGPool only setup in Load Balancing mode, and only listing the slaves at the moment ― I'll be adding the master in later today. 
>> 
>> I'm not sure how PGPool is handling auth... If I connect to pgpool's port with the 'postgres' user it works just fine. However, if I connect with any other user I immediately get kicked out (I see a 'psql: ' line, then get kicked out). I've tried with and without enable_pool_hba.
>> 
>> Our backends all have a line like this in pg_hba.conf:
>> 
>>> hostssl all all 10.0.0.0/8 password
>>> hostssl replication all 10.0.0.0/8 password
>> 
>> and our pgpool is configured to connect as 'postgres' for healthchecks and replication checks. Can someone explain how I need to configure pgpool so that I can auth with our role accounts?
> 
> Pgpool version? Can you please show me the pgpool log when psql was kicked out?
> --
> Tatsuo Ishii
> SRA OSS, Inc. Japan
> English: http://www.sraoss.co.jp/index_en.php
> Japanese: http://www.sraoss.co.jp