| From: | Merlin Moncure <mmoncure(at)gmail(dot)com> |
|---|---|
| To: | zhong ming wu <mr(dot)z(dot)m(dot)wu(at)gmail(dot)com> |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: stunnel with just postgresql client part |
| Date: | 2011-05-09 20:37:15 |
| Message-ID: | BANLkTimBaT-QhdWzWTJ0tJcHJFZDqFnQAg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, May 9, 2011 at 3:24 PM, zhong ming wu <mr(dot)z(dot)m(dot)wu(at)gmail(dot)com> wrote:
> On Mon, May 9, 2011 at 2:01 PM, Merlin Moncure <mmoncure(at)gmail(dot)com> wrote:
> .
> .
> .
>>> It seems to be shame that I have to run stunnel on the pg box as well.
>>>
>>> My question is that client only stunnel to pg server requiring ssl
>>> connection is not expected to work? Or am I doing something wrong?
>>
>> what version stunnel? did you set the protocol in stunnel.conf?
>>
>
>
> stunnel-4.15-2.el5.1
>
> I was not setting protocol. But since I got your message, I tried
> 'protocol = pgsql' in stunnel.conf
see: http://pgbouncer.projects.postgresql.org/doc/faq.html#_how_to_use_ssl_connections_with_pgbouncer
"Use Stunnel. Since version 4.27 it supports PostgreSQL protocol for
both client and server side. It is activated by setting
protocol=pgsql.
For older 4.2x versions the support code is available as patch:
stunnel-postgres.diff
Alternative is to use Stunnel on both sides of connection, then the
protocol support is not needed."
merlin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2011-05-09 20:59:21 | Re: Table name as parameter |
| Previous Message | zhong ming wu | 2011-05-09 20:24:04 | Re: stunnel with just postgresql client part |