Postgres Pro
Downloads
Home   >   mailing lists

Re: php, postgres, ssl - Mailing list pgsql-php

From Michael Fork
Subject Re: php, postgres, ssl
Date
Msg-id Pine.BSI.4.21.0103211657100.22836-100000@glass.toledolink.com
Whole thread Raw
In response to Re: php, postgres, ssl  ("Martin A. Marques" <martin@math.unl.edu.ar>)
List pgsql-php
Tree view 
There are a couple of things you can do to establish a secure connection
between a remote postgres server and any other server.

One is using SSH tunnels:
http://www.postgresql.org/users-lounge/docs/7.0/admin/security1530.htm

Another is to establish your connection with "requiressl=true" as part of
the options strings under libpq -- which, since PHP uses libpq, I belive
should work under PHP as pg_Connect("host=server dbname=db user=me
password=pass requiressl=true") (and if it doesn't work, it should be able
to be added easily).

I haven't actually done either of these, but I also don't see any reason
why these wouldn't work :)

Michael Fork - CCNA - MCP - A+
Network Support - Toledo Internet Access - Toledo Ohio

On Wed, 21 Mar 2001, Martin A. Marques wrote:

> El Mi� 21 Mar 2001 18:33, Adam Lang escribi�:
> > Correct, all it does is connect straight to the database.  It doesn't have
> > anything to involve encryption... it doesn't care.  So, you'll probably
> > need to secure the path yourself, ie IPSEC.
> >
> > Someone else may have a better idea, but this is all I can think of.
> > Typically though, you shouldn't have PHP connect to a database over a
> > connection that is insecure/public.
> >
> > Any reason this is a concern?
>
> Well, I thought about this, because I was trying to build something like it.
> A web server, and a database server, seperated! So I thought, if Postgres
> accepts hostssl connections (if compiled with ssl support), why doesn't PHP
> use this powerfull feature?
> Would it be difficult to build a pg_connectssl function in PHP that would do
> this?
>
> Saludos... :-)
>
> --
> System Administration: It's a dirty job,
> but someone told me I had to do it.
> -----------------------------------------------------------------
> Mart�n Marqu�s            email:     martin@math.unl.edu.ar
> Santa Fe - Argentina        http://math.unl.edu.ar/~martin/
> Administrador de sistemas en math.unl.edu.ar
> -----------------------------------------------------------------
>



---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org

pgsql-php by date:

Previous
From: "Martin A. Marques"
Date:
Subject: Re: php, postgres, ssl
Next
From: "Adam Lang"
Date:
Subject: Re: php, postgres, ssl