[pgpool-general: 8480] Re: How to find out if TLS connection is used
Matej Hasul
matej.hasul at gooddata.com
Fri Nov 4 23:40:29 JST 2022
On Fri, Nov 4, 2022 at 1:37 PM Tatsuo Ishii <ishii at sraoss.co.jp> wrote:
> > Hi there,
> > I'm curious if there is any way to check if the frontend connection is
> > using TLS or not. Sofar I've found out that "ssl_key" is used in the log
> > message:
>
> I have no idea where "ssl_key" comes from. Can you share your setting
> of log_line_prefix in pgpool.conf, and what version of pgpool?
>
Using pgpool bundled in the bitnami postgresql-ha chart -
https://github.com/bitnami/charts/tree/main/bitnami/postgresql-ha. Pgpool
version is 4.3.2.
log_line_prefix variable is commented out in my config file thus assuming
default is used:
I have no name!@tiger-db-pgpool-54cb799d45-6nwf2:/opt/bitnami/pgpool/conf$
cat pgpool.conf | grep -i log_line
#log_line_prefix = '%m: %a pid %p: ' # printf-style string to output at
beginning of each log line.
>
> > 2022-11-04 11:21:25.954: ssl_key pid 159: LOG: new connection received
> > 2022-11-04 11:21:25.954: ssl_key pid 159: DETAIL: connecting
> host=[local]
> > 2022-11-04 11:21:35.123: ssl_key pid 150: LOG: new connection received
> > 2022-11-04 11:21:35.123: ssl_key pid 150: DETAIL: connecting
> host=[local]
> > 2022-11-04 11:21:45.151: ssl_key pid 156: LOG: new connection received
> > 2022-11-04 11:21:45.151: ssl_key pid 156: DETAIL: connecting
> host=[local]
> > 2022-11-04 11:21:57.399: psql pid 155: LOG: pool_ssl: "SSL_read": "no
> SSL
> > error reported"
> > 2022-11-04 11:22:45.257: ssl_key pid 154: LOG: new connection received
> > 2022-11-04 11:22:45.257: ssl_key pid 154: DETAIL: connecting
> host=[local]
> >
> > Is there a better way to check if the connection is secured by TLS or
> not?
>
> Unfortunately no except setting log_min_messages = debug1 in
> pgpool.conf but this will produce lots of other debug messages.
>
Thanks, with debug1 I can see following:
2022-11-04 14:37:17.558: psql pid 165: DETAIL: SSLRequest from client
>
> Best reagards,
> --
> Tatsuo Ishii
> SRA OSS LLC
> English: http://www.sraoss.co.jp/index_en/
> Japanese:http://www.sraoss.co.jp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pgpool.net/pipermail/pgpool-general/attachments/20221104/1fab2042/attachment.htm>
More information about the pgpool-general
mailing list