| From: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com> |
|---|---|
| To: | Muhammad Bashir Al-Noimi <mbnoimi(at)gmail(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Force ssl connection |
| Date: | 2013-07-09 21:14:57 |
| Message-ID: | CAMkU=1xRJnFkAhRLhWT0zV3sQ6XCRDCcrm0-9kQrkOBCmGYV8w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, Jul 9, 2013 at 1:55 PM, Muhammad Bashir Al-Noimi
<mbnoimi(at)gmail(dot)com> wrote:
> On 07/09/2013 07:54 PM, Jeff Janes wrote:
>>
>> On Tue, Jul 9, 2013 at 10:02 AM, Muhammad Bashir Al-Noimi
>> <mbnoimi(at)gmail(dot)com> wrote:
>>>
>>> So may you please be more specific, what's wrong in my configurations?
>>>
>>> My pg_hba.conf content is:
>>>
>>> local all postgres peer
>>> local all all peer
>>> host all all 127.0.0.1/32 md5
>>> host all all ::1/128 md5
>>> host all all 0.0.0.0/0 md5
>>> hostssl all all 0.0.0.0/0 md5
>>> hostnossl all all 0.0.0.0/0 reject
>>
>> The line below accepts all connections, whether ssl or nossl:
>>
>> host all all 0.0.0.0/0 md5
>>
>> It takes precedence over the reject line, as it occurs in the file
>> before the reject.
>>
>> If you remove that line, then you don't need the reject line at all.
>
> I commented it and restarted the server but I still get same result!
db.setHostName("localhost");
>
> How can I absolutely be sure that my server rejects not ssl connections?
>
>
> --
> Best Regards,
> Muhammad Bashir Al-Noimi
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2013-07-09 21:16:03 | Re: Force ssl connection |
| Previous Message | Muhammad Bashir Al-Noimi | 2013-07-09 20:55:18 | Re: Force ssl connection |