[Pgpool-general] SSL communication between clients and pgpool-II

[Erwan]

Please accept my apologies : my server.cert file was not the good one 
(not generated with the server.key file... damn it! :) )
May be it would be nice if some debug could be printed in the log?

Once again, thank you for PgPool-II!

/Erwan


On 03/11/2011 06:46 PM, Erwan wrote:
> Hi there,
>
> I'm a total beginner with pgpool-II which I would like to use as a 
> full load balancer for my read queries.
> Everything works great and now I try to have a full SSL communication 
> between my client and pgpool-II.
>
> To do this I recompile it with the following configure command:
> ./configure --prefix=/usr/local/pgpool-II-3.0.3_with_ssl --with-openssl
> make
> make install
>
> Then I change my pgpool.conf:
> ...
> ssl = true
> ssl_key = '/usr/local/pgpool-II-3.0.3_with_ssl/etc/server.key'
> ssl_cert = '/usr/local/pgpool-II-3.0.3_with_ssl/etc/server.cert'
> ...
>
>
> I launch pgpool-II with this command:
> /usr/local/pgpool-II-3.0.3_with_ssl/bin/pgpool -f 
> /usr/local/pgpool-II-3.0.3_with_ssl/etc/pgpool.conf -F 
> /usr/local/pgpool-II-3.0.3_with_ssl/etc/pcp.conf -c >> 
> /tmp/pgpool-II.log 2>&1 &
>
>
> Thanks to wireshark, I can read the network stream between my client 
> and pgpool-II... and I can see that my password is transferred in 
> clear text with my new SSL configuration.
> I got nothing special in my log (about misconfiguration or something 
> else...) so I'm a little lost.
>
> I presume I did something wrong or maybe forgot something or most 
> probably I didn't understand something.
> Any clue about secured communication between client and pgpool-II will 
> be greatly appreciated.
> And per advance forgive my question if it's a stupid one :)
>
> Thanks
> /Erwan
> _______________________________________________
> Pgpool-general mailing list
> Pgpool-general at pgfoundry.org
> http://pgfoundry.org/mailman/listinfo/pgpool-general