| From: | Michael Fuhr <mike(at)fuhr(dot)org> |
|---|---|
| To: | Ray Stell <stellr(at)cns(dot)vt(dot)edu> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: no verification of client certificate? |
| Date: | 2007-03-26 14:00:04 |
| Message-ID: | 20070326140004.GA9109@winnie.fuhr.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin pgsql-docs |
On Mon, Mar 26, 2007 at 09:35:33AM -0400, Ray Stell wrote:
> Knowing how Michael traced the connection with ssldump would be
> VERY helpful.
The simple way is to run ssldump in one shell while running psql
in another:
ssldump -q port 5482 # my 8.2.3 db listens on port 5482
If I want to do more analysis I usually save the connection with
tcpdump first:
tcpdump -s0 -w dumpfile port 5482
The -s0 option is important: it tells tcpdump to capture the entire
packet.
When I'm done with psql I stop tcpdump and run ssldump over the dumpfile:
ssldump -r dumpfile -q
--
Michael Fuhr
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Laszlo Nagy | 2007-03-26 17:17:43 | autovacuum question |
| Previous Message | Daniel Ricardo Medina | 2007-03-26 13:58:00 | Re: URGENT TABLE PG_SHADOW CORRUTEP |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2007-03-30 03:44:58 | Re: [ADMIN] no verification of client certificate? |
| Previous Message | Michael Fuhr | 2007-03-26 13:42:53 | Re: no verification of client certificate? |