[pgpool-general: 8053] Re: SSL transport between Pgpool and Postgres
Mike
some.drunken.dude at tutanota.com
Wed Mar 30 22:49:55 JST 2022
Mar 30, 2022, 03:35 by ishii at sraoss.co.jp:
>> Hi pgpool users
>>
>>
>> I had spent way too much time trying to get pgpool to talk to CloudSQL Postgres instance using SSL. I will appreciate any comments.
>>
>>
>> From reading and trying it is my understanding that this should be possible. Or am I wrong?
>> Anyone had any luck doing the above in conjunction with Google's CloudSQL?
>>
>>
>> In a nutshell, in clear text, everything works as expected. After pointing pgpool to CloudSQL CA certs from Google using:
>>
>>
>> ssl = true
>> ssl_ca_cert_dir = '/etc/pgpool/ca'
>>
>>
>> * I am 100% CA certificates from Google are OK. However pgpool complains: ""SSL_connect": "certificate verify failed""
>> * CloudSQL complains: db=[unknown],user=[unknown] LOG: could not accept SSL connection: BAD_PACKET_LENGTH"
>> * I had tried pgpool 4.2.6 and 4.3 with Alpine Edge
>> * CloudSQL version of Postgres is 13
>> * Pointing pgpool at /etc/ssl/certs (which included Google's certificates) made no difference
>>
>
> Are you trying to set up cert authentication between pgpool and
> CloudSQL? It's not supported in pgpool.
>
> Best reagards,
> --
> Tatsuo Ishii
> SRA OSS, Inc. Japan
> English: http://www.sraoss.co.jp/index_en.php
> Japanese:http://www.sraoss.co.jp
>
Hi Tatsuo,
thanks for your response! Is it something that will be supported in upcoming versions?
Also, I am not entirely sure, but is the issue I had described related to this:
https://www.sraoss.jp/pipermail/pgpool-hackers/2020-January/003488.html
Thank you!
Mike
More information about the pgpool-general
mailing list