| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | valerian <valerian2(at)hotpop(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: [7.3] can't connect with SSL |
| Date: | 2002-12-06 19:07:13 |
| Message-ID: | 200212061907.gB6J7Dp05672@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
valerian wrote:
> On Fri, Dec 06, 2002 at 12:44:13PM -0500, Bruce Momjian wrote:
> >
> > We did overhaul the SSL code for 7.3, and I was able to get it working
> > using OpenSSL 0.9.6e 30 Jul 2002. Have you read the new SSL
> > documentation in 7.3?
>
> Ah, so I must be using an outdated openssl then. I had read the INSTALL
> file before compiling v7.3, but it didn't mention anything beyond making
> sure you have a full openssl installation (with headers and all that).
We didn't know what OpenSSL releases it supported.
> I checked the new docs, but the SSL section doesn't say much beyond how
> to create certificates and setup your pg_hba.conf. The SSH tunnel idea
Yep, that was all we have.
> works fine though. Guess I'll run with that for now. It's not as nice
> as having 'hostssl' as the only remote connection option (since it
> doesn't enforce encryption), but oh well.
I had hostssl working here on BSD/OS. One issue we had was that he went
with TLS encryption, which he said was fairly new but is the best one to
use. I got it working here so I figured it was OK. It would be
interesting to know if a newer version fixes it for you.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2002-12-06 19:56:47 | Re: Size for vacuum_mem |
| Previous Message | scott.marlowe | 2002-12-06 19:04:11 | Re: Getting data from old data dir |