[pgpool-hackers: 4187] Wrong TODO list item (SSL and health check etc.)

Tatsuo Ishii ishii at sraoss.co.jp
Sun Aug 28 12:28:29 JST 2022

While taking care of https://www.pgpool.net/mantisbt/view.php?id=765,
I noticed that there was wrong item in the TODO list.

Allow SSL in health check etc.
    Health check process connects to PostgreSQL backend without using
    SSL. This means password for connecting PostgreSQL database is
    flying on the wire in plain text. Same thing can be said to the
    streaming replication delay check worker process. It would be nice
    if health check and streaming replication delay check worker
    process use SSL if requested by backend.

Truth is, health check process and streaming replication check process
already support SSL since day 0 (health check - in 2.3.2 on 2010/2/7,
streaming replication check - in 3.0 on 2010/9/10).

Actually if SSL is enabled and PostgreSQL requires SSL for the user
and database, those process connects to PostgreSQL using SSL
connection. You can confirm this by enabling log_connections parameter
in PostgreSQL.conf.

I am going to fix documentation for health check and streaming
replication check soon.

Best reagards,
Tatsuo Ishii
English: http://www.sraoss.co.jp/index_en.php

More information about the pgpool-hackers mailing list