[pgpool-general: 277] Re: Authentication help?

Tatsuo Ishii ishii at postgresql.org
Sat Mar 10 08:34:27 JST 2012


psql on the server where pgpool is running can connect to all 4
PostgreSQl servers?
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp

> PGPoolII 3.1.2, and here's the errors:
> 
> Mar  8 17:26:15 xxx pgpool: LOG:   pid 11532: connection received: host=127.0.0.1 port=49590
> Mar  8 17:26:15 xxx pgpool: ERROR: pid 11532: pool_ssl: Loading SSL certificate: No such file or directory
> Mar  8 17:26:15 xxx pgpool: LOG:   pid 11532: pool_do_auth: maybe protocol version mismatch (current version 3)
> 
> That middle-error is fine because we dont want PGPool actually offering SSL to its clients (we handle that with stunnel), but we do use SSL on the backend connections to the DB. 
> 
> —Matt
> 
> 
> On Mar 8, 2012, at 2:39 PM, Tatsuo Ishii wrote:
> 
>>> Hey I'm working on a new PGPool setup for our PG 9.1 environment. Right now we have 1 master server and 3 slaves. I've got PGPool only setup in Load Balancing mode, and only listing the slaves at the moment ― I'll be adding the master in later today. 
>>> 
>>> I'm not sure how PGPool is handling auth... If I connect to pgpool's port with the 'postgres' user it works just fine. However, if I connect with any other user I immediately get kicked out (I see a 'psql: ' line, then get kicked out). I've tried with and without enable_pool_hba.
>>> 
>>> Our backends all have a line like this in pg_hba.conf:
>>> 
>>>> hostssl all all 10.0.0.0/8 password
>>>> hostssl replication all 10.0.0.0/8 password
>>> 
>>> and our pgpool is configured to connect as 'postgres' for healthchecks and replication checks. Can someone explain how I need to configure pgpool so that I can auth with our role accounts?
>> 
>> Pgpool version? Can you please show me the pgpool log when psql was kicked out?
>> --
>> Tatsuo Ishii
>> SRA OSS, Inc. Japan
>> English: http://www.sraoss.co.jp/index_en.php
>> Japanese: http://www.sraoss.co.jp
> 


More information about the pgpool-general mailing list