Re: Regarding SSL Enablement in PostgreSQL Database on different port

From: Christophe Pettus <xof(at)thebuild(dot)com>
To: Tomas Pospisek <tpo2(at)sourcepole(dot)ch>
Cc: pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: Regarding SSL Enablement in PostgreSQL Database on different port
Date: 2023-05-02 19:26:02
Message-ID: DDB166D8-C5FF-4DE7-84B5-DB67F59723AB@thebuild.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

> On May 2, 2023, at 12:15, Tomas Pospisek <tpo2(at)sourcepole(dot)ch> wrote:
>
> Oh, I think your idea to use pgbouncer to take care of the SSL termination is elegant. I don't think me I'd characterize it as a hack if properly set up. Why do you consider it a hack?

It's really only a hack in the sense that pgbouncer is being introduced just to do TLS. You might be able to do the same thing by running stunnel on the PostgreSQL host on a different port, and have it forward to PostgreSQL.

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Evan Rempel 2023-05-02 19:38:59 RHEL repo package crc mismatches
Previous Message Rob Sargent 2023-05-02 19:25:13 Re: Regarding SSL Enablement in PostgreSQL Database on different port