[Pgpool-hackers] [PATCH 1/3] Fix documentation typo in sample config files
Sean Finney
sean at stickybit.se
Sun Jan 31 19:44:48 UTC 2010
Hi!
Could it be server.crt vs server.cert (i see both in what you pasted
below). Perhaps not but couldn't help but ask :)
I think generally speaking the error reporting could use improvement;
there's some strerror type functions in openssl that ill try to make
use of in a subsequent patch.
I'll look into this a bit more (along with your previous mail)
tomorrow or tuesday.
sean
--
This mail was sent from a mobile device
31 jan 2010 kl. 14.19 skrev Tatsuo Ishii <ishii at sraoss.co.jp>:
> Sean,
>
>>> I haven't touched any of the pg_hba.conf code yet, so I'm guessing
>>> that
>>> we'll need to add a bit more to support the hostssl/hostnossl config
>>> options (and in the meantime the previous behavior is probably
>>> still there,
>>> whatever it may be).
>>
>> Ok. I don't think hostssl/hostnossl support is mandatory anyway.
>>
>> Another questions.
>>
>> If SSL support is disabled in PostgreSQL and SSL support is enabled
>> on
>> frontend and pgool, what will happen? My guess is, communication
>> between frontend and pgpool is SSL ciphered, but between pgpool and
>> PostgreSQL is not.
>>
>> What will happen if one of PostgreSQL supports SSL but others do not?
>>
>> BTW, I have committed your last patches with "show pool_status"
>> support. Can you verify CVS HEAD?
>
> I have tried frontend->pgpool SSL support but I got following error:
>
> pool_ssl: SSL cert failure: 33558530
>
> I have created server.key and server.cert file and let pgpool.conf
> point them:
>
> ssl_key = '/usr/local/etc/server.key'
> ssl_cert = '/usr/local/etc/server.cert'
>
> server.key and server.cert file were created as follows:
>
> openssl genrsa -out server.key 1024
> openssl req -new -key server.key -x509 -days 365 -out server.crt
>
> This way, pgpool sucessfully connects to PostgreSQL with SSL enabled.
>
> Am I missing something?
> --
> Tatsuo Ishii
> SRA OSS, Inc. Japan
> English: http://www.sraoss.co.jp/index_en.php
> Japanese: http://www.sraoss.co.jp
More information about the Pgpool-hackers
mailing list