[pgpool-general: 5434] Brain fart on my part? :-)

Karl Denninger karl at denninger.net
Wed Apr 26 03:48:58 JST 2017

I've been running pgpool-II for a very long time as a connection pooler
on a local host.  It works very well.

Now I wish to use it across the Internet, potentially, which introduces
security concerns.  Therefore I wish to have the connection to the back
end use SSL, while for the *on-same machine* client connections I don't
care and in fact I'd prefer it be off (since otherwise you need to
actually encrypt/decrypt TWICE)

Is this supportable?

I turned ssl on but when I connect to pgpool the connection to the
server is NOT SSL-enabled, and I get an error because the pg_hba.conf on
the back end server is set to require ssl.

If I use psql directly to the server (with -h and -p) then it works.

Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20170425/32468575/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2993 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20170425/32468575/attachment.p7s>

More information about the pgpool-general mailing list