[pgpool-general: 5435] Re: Brain fart on my part? :-)

Karl Denninger karl at denninger.net
Wed Apr 26 04:24:16 JST 2017

On 4/25/2017 13:48, Karl Denninger wrote:
> I've been running pgpool-II for a very long time as a connection
> pooler on a local host.  It works very well.
> Now I wish to use it across the Internet, potentially, which
> introduces security concerns.  Therefore I wish to have the connection
> to the back end use SSL, while for the *on-same machine* client
> connections I don't care and in fact I'd prefer it be off (since
> otherwise you need to actually encrypt/decrypt TWICE)
> Is this supportable?
> I turned ssl on but when I connect to pgpool the connection to the
> server is NOT SSL-enabled, and I get an error because the pg_hba.conf
> on the back end server is set to require ssl.
> If I use psql directly to the server (with -h and -p) then it works.
Indeed it was a brain fart; it appears that despite my attempt to turn
on openssl it didn't build with it, and having found that, it is working.

My apologies for the interruption. :-)

Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20170425/90f86789/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2993 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20170425/90f86789/attachment.p7s>

More information about the pgpool-general mailing list