[Pgpool-hackers] [PATCH 1/3] Fix documentation typo in sample config files
Tatsuo Ishii
ishii at sraoss.co.jp
Sun Jan 31 13:19:33 UTC 2010
Sean,
> > I haven't touched any of the pg_hba.conf code yet, so I'm guessing that
> > we'll need to add a bit more to support the hostssl/hostnossl config
> > options (and in the meantime the previous behavior is probably still there,
> > whatever it may be).
>
> Ok. I don't think hostssl/hostnossl support is mandatory anyway.
>
> Another questions.
>
> If SSL support is disabled in PostgreSQL and SSL support is enabled on
> frontend and pgool, what will happen? My guess is, communication
> between frontend and pgpool is SSL ciphered, but between pgpool and
> PostgreSQL is not.
>
> What will happen if one of PostgreSQL supports SSL but others do not?
>
> BTW, I have committed your last patches with "show pool_status"
> support. Can you verify CVS HEAD?
I have tried frontend->pgpool SSL support but I got following error:
pool_ssl: SSL cert failure: 33558530
I have created server.key and server.cert file and let pgpool.conf
point them:
ssl_key = '/usr/local/etc/server.key'
ssl_cert = '/usr/local/etc/server.cert'
server.key and server.cert file were created as follows:
openssl genrsa -out server.key 1024
openssl req -new -key server.key -x509 -days 365 -out server.crt
This way, pgpool sucessfully connects to PostgreSQL with SSL enabled.
Am I missing something?
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
More information about the Pgpool-hackers
mailing list