[pgpool-general: 5435] Re: Brain fart on my part? :-)
Karl Denninger
karl at denninger.net
Wed Apr 26 04:24:16 JST 2017
On 4/25/2017 13:48, Karl Denninger wrote:
>
> I've been running pgpool-II for a very long time as a connection
> pooler on a local host. It works very well.
>
> Now I wish to use it across the Internet, potentially, which
> introduces security concerns. Therefore I wish to have the connection
> to the back end use SSL, while for the *on-same machine* client
> connections I don't care and in fact I'd prefer it be off (since
> otherwise you need to actually encrypt/decrypt TWICE)
>
> Is this supportable?
>
> I turned ssl on but when I connect to pgpool the connection to the
> server is NOT SSL-enabled, and I get an error because the pg_hba.conf
> on the back end server is set to require ssl.
>
> If I use psql directly to the server (with -h and -p) then it works.
>
>
Indeed it was a brain fart; it appears that despite my attempt to turn
on openssl it didn't build with it, and having found that, it is working.
My apologies for the interruption. :-)
--
Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20170425/90f86789/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2993 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20170425/90f86789/attachment.p7s>
More information about the pgpool-general
mailing list