[pgpool-general: 8704] Re: Will pgpool use SSL encryption only when connected with a certain user?
Tatsuo Ishii
ishii at sraoss.co.jp
Fri Mar 31 16:40:57 JST 2023
> Hi Tatsuo,
>
> I noticed that postgresql will specify hosting a particular user with SSL
> authentication:
> https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
>
> and pgpool has to set its own hba file to override the one of postgresql:
> https://www.pgpool.net/docs/44/en/html/auth-pool-hba-conf.html
I think you are misunderstanding the role of pool_hba.conf: it affects
between client <--> Pgpool-II.
> So the scenario seems:
> postgresql --plain TCP-- pgpool --SSL TCP-- some client
> Am I correct?
Also followings are possible.
postgresql --SSL TCP-- pgpool --SSL TCP-- some client
postgresql --SSL TCP-- pgpool --plain TCP-- some client
postgresql --plain TCP-- pgpool --plain TCP-- some client
> Also I would like to know if there is a method to establish an SSL TCP with
> a client without asking the client to show its certificate, just like https
> does to encrypt http content.
Yes, you can.
Best reagards,
--
Tatsuo Ishii
SRA OSS LLC
English: http://www.sraoss.co.jp/index_en/
Japanese:http://www.sraoss.co.jp
More information about the pgpool-general
mailing list