Tom Lane wrote:
> Randy Cone <cone@hpl.umces.edu> writes:
> > What's particularly irksome is that this happens even when no SSL is
> > supposed to be used at all, i.e. simple tcp/ip host based client connect.
>
> Hard to see how that could happen, unless some SSL logic has snuck into
> the non-SSL code path --- but then I'd expect it to fail immediately.
>
> Are you sure you turned off SSL? (I am not sure it's possible to do that
> just by altering pg_hba.conf --- you can force SSL that way, but not
> forbid it.)
This is a known SSL issue, that if the client and server support SSL,
they use it even if you don't have SSL configured in pg_hba.conf. We
had that discussion about allowing folks to control that from the client
and server and a few months ago.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
