| From: | zhong ming wu <mr(dot)z(dot)m(dot)wu(at)gmail(dot)com> |
|---|---|
| To: | Merlin Moncure <mmoncure(at)gmail(dot)com> |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: stunnel with just postgresql client part |
| Date: | 2011-05-09 22:03:29 |
| Message-ID: | BANLkTimK=WrkZK-ytN_k29pAcFAzGimN8w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, May 9, 2011 at 4:37 PM, Merlin Moncure <mmoncure(at)gmail(dot)com> wrote:
>> I was not setting protocol. But since I got your message, I tried
>> 'protocol = pgsql' in stunnel.conf
>
> see: http://pgbouncer.projects.postgresql.org/doc/faq.html#_how_to_use_ssl_connections_with_pgbouncer
>
> "Use Stunnel. Since version 4.27 it supports PostgreSQL protocol for
> both client and server side. It is activated by setting
> protocol=pgsql.
>
> For older 4.2x versions the support code is available as patch:
> stunnel-postgres.diff
>
> Alternative is to use Stunnel on both sides of connection, then the
> protocol support is not needed."
>
Thanks. Yes, when I installed the latest stunnel-4.36 it works.
One strange thing I notice. When I do ssl connect with psql I am
supposed to get a message like
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
With client side stunnel and (nonssl capable) psql I am not getting
this message. But still the connection seems to be ssl..
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Merlin Moncure | 2011-05-09 22:42:49 | Re: stunnel with just postgresql client part |
| Previous Message | Tomas Vondra | 2011-05-09 21:52:02 | Re: FILLFACTOR and increasing index |