[Pgpool-general] Error with SSL Consection
Lazaro Rubén García Martinez
lgarciam at vnz.uci.cu
Wed Nov 23 13:56:43 UTC 2011
Tatsuo, thank you very much for your answer, the problem was solved and now I can connect through SSL:
In the command window i can see that:
psql -U desarrollo -h 10.13.4.201 -p 9999 -d postgres
Contraseña para usuario desarrollo:
psql (9.0.5)
conexión SSL (cifrado: AES256-SHA, bits: 256)
Digite «help» para obtener ayuda.
However in the pgpool log these errors are shown, although the connection was succesful, there are some errors in pgpool log file.
The log says that the connection was established without problem, but the debug message are matched to ERROR label. Would this a possible bug?
2011-11-23 04:37:25 LOG: pid 17472: connection received: host=10.13.4.201 port=47519
2011-11-23 04:37:25 DEBUG: pid 17472: Protocol Major: 1234 Minor: 5679 database: user:
2011-11-23 04:37:25 DEBUG: pid 17472: SSLRequest from client
2011-11-23 04:37:25 DEBUG: pid 17472: read_startup_packet: application_name: psql
2011-11-23 04:37:25 DEBUG: pid 17472: Protocol Major: 3 Minor: 0 database: postgres user: desarrollo
2011-11-23 04:37:25 DEBUG: pid 17472: new_connection: connecting 0 backend
2011-11-23 04:37:25 DEBUG: pid 17472: new_connection: connecting 1 backend
2011-11-23 04:37:25 DEBUG: pid 17472: pool_ssl: sending client->server SSL request
2011-11-23 04:37:25 DEBUG: pid 17472: pool_ssl: client->server SSL response: S
2011-11-23 04:37:25 DEBUG: pid 17472: pool_ssl: sending client->server SSL request
2011-11-23 04:37:25 DEBUG: pid 17472: pool_ssl: client->server SSL response: S
2011-11-23 04:37:25 DEBUG: pid 17472: pool_read_message_length: slot: 0 length: 12
2011-11-23 04:37:25 DEBUG: pid 17472: pool_read_message_length: slot: 1 length: 12
2011-11-23 04:37:25 DEBUG: pid 17472: pool_do_auth: auth kind:5
2011-11-23 04:37:25 DEBUG: pid 17472: trying md5 authentication
2011-11-23 04:37:25 ERROR: pid 17472: pool_ssl: SSL_read: no SSL error reported
2011-11-23 04:37:25 ERROR: pid 17472: pool_read: read failed (Success)
Regards.
-----Mensaje original-----
De: Tatsuo Ishii [mailto:ishii at sraoss.co.jp]
Enviado el: miércoles, 23 de noviembre de 2011 04:21
Para: Lazaro Rubén García Martinez
CC: pgpool-general at pgfoundry.org
Asunto: Re: [Pgpool-general] Error with SSL Consection
Can you try like this?
1) configure num_init_children to 1.
2) restart pgpool
3) find pgpool child process pid(hint: ps status is "pgpool: wait for connection request")
4) strace -p the_pid
5) connect to pgpool
strace should show where pgpool tried to find ssl cert file. Make sure that
it is /opt/pgpool/ssl/server.cert.
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
> Hello everyone in the list, I am proving the connecting SSL through with Pgpool, the pgpool configuration parameters related with SSL are:
>
> # - SSL Connections -
>
> ssl = on
> ssl_key = '/opt/pgpool/ssl/server.key'
> ssl_cert = '/opt/pgpool/ssl/server.cert'
> #ssl_ca_cert = ''
> #ssl_ca_cert_dir = ''
>
> But in pgpool.log file i see this error:
>
> 2011-11-22 06:42:02 LOG: pid 14011: connection received: host=10.13.4.201 port=40434
> 2011-11-22 06:42:02 DEBUG: pid 14011: Protocol Major: 1234 Minor: 5679 database: user:
> 2011-11-22 06:42:02 DEBUG: pid 14011: SSLRequest from client
> 2011-11-22 06:42:02 ERROR: pid 14011: pool_ssl: Loading SSL certificate: No such file or directory
>
> Nevertheless I can connect to postgreSQL through Pgpool.
>
> Please can anybody tell me, What could be the reason for this error?
>
> I am using Pgpool-II V_3.1_stable with PostgreSQL 9.0.5.
>
> Regards.
More information about the Pgpool-general
mailing list