| From: | "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
|---|---|
| To: | "Jorge Godoy *EXTERN*" <jgodoy(at)gmail(dot)com>, <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Postgresql and SSL |
| Date: | 2007-09-20 10:07:09 |
| Message-ID: | D960CB61B694CF459DCFB4B0128514C23C6BB6@exadv11.host.magwien.gv.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Jorge Godoy wrote:
>> What does pg_hba.conf look like?
>
> I don't know if I misunderstood him, but I thought he was
> willing to have SSL on both sides, i.e., both the client
> and the server identify themselves trough SSL certificates.
I had the same impression.
> Even though one can require connections using only SSL on the
> server side, I don't see a method (in pg_hba.conf) that
> would allow clients with SSL certificates.
Nor do I.
The complaint was that he could connect even if he didn't
have a valid client certificate.
That would mean that the connection was not established
with SSL. I want to see the pg_hba.conf to see if there is
an entry that allows him to connect without using SSL,
like a "host" entry.
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ow Mun Heng | 2007-09-20 10:43:51 | Re: Is this good spec for a PostgreSQL server? |
| Previous Message | SunWuKung | 2007-09-20 09:24:13 | any with the output of coalesce |