On Mon, May 9, 2011 at 5:03 PM, zhong ming wu <mr.z.m.wu@gmail.com> wrote:
> On Mon, May 9, 2011 at 4:37 PM, Merlin Moncure <mmoncure@gmail.com> wrote:
>>> I was not setting protocol. But since I got your message, I tried
>>> 'protocol = pgsql' in stunnel.conf
>>
>> see: http://pgbouncer.projects.postgresql.org/doc/faq.html#_how_to_use_ssl_connections_with_pgbouncer
>>
>> "Use Stunnel. Since version 4.27 it supports PostgreSQL protocol for
>> both client and server side. It is activated by setting
>> protocol=pgsql.
>>
>> For older 4.2x versions the support code is available as patch:
>> stunnel-postgres.diff
>>
>> Alternative is to use Stunnel on both sides of connection, then the
>> protocol support is not needed."
>>
>
>
> Thanks. Yes, when I installed the latest stunnel-4.36 it works.
>
> One strange thing I notice. When I do ssl connect with psql I am
> supposed to get a message like
>
> SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
>
> With client side stunnel and (nonssl capable) psql I am not getting
> this message. But still the connection seems to be ssl..
it is? try setting up your connection string to require ssl.
merlin
