Thx John,
It got me a long way. I actually have a more complex installation (I think=
) that I originally thought on my test linux box. Looks like all the files=
that I modify are under /var/lib/post../coord.
I added the line.. to pg_hba.conf
hostssl all all 127.0.0.1/32 cert
and after restarting the coordinator node, it errored because I had to modi=
fy postgresql.conf (ssl=3Doff) . So I feel that the server is now running =
in SSL mode.
But when I used psql...I'm getting this....
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
postgres-xc@adminuser-VirtualBox:~/coord$ psql -h localhost testdb
psql (PGXC 1.0.0, based on PG 9.1.4)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
Type "help" for help.
testdb=3D# select 2+2;
?column?
----------
4
(1 row)
testdb=3D# \q
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
It's telling me it's through an SSL connection, but I didn't specify any ke=
ystore on my side for psql? Does it pick it up from somewhere?
Any help is greatly appreciated :)
Postgresql isn't half bad ;)
From: pgsql-general-owner@postgresql.org [mailto:pgsql-general-owner@postgr=
esql.org] On Behalf Of John R Pierce
Sent: Thursday, February 21, 2013 11:04 PM
To: pgsql-general@postgresql.org
Subject: Re: [GENERAL] confirming security.
On 2/21/2013 7:55 PM, Maz Mohammadi wrote:
When I start the server, there is no change in the authentication. I can st=
ill login using psql for the same person.
did you disable other authentication methods in pg_hba.conf ? I would =
leave the LOCAL line as peer, and use ssl for HOST lines, then to test, use=
psql -h localhost .....
--
john r pierce 37N 122W
somewhere on the middle of the left coast
