Hi all, Have pgpool-II 3.0.1 in replication mode up and running, accessing two instances of pg 9.0.1 on the same machine. So far so good, all looks fine and I’m almost happy except I'm unable to achieve authentication the way I want to :-(
What I want: - all connections from the same machine should be trusted. - all connections from different hosts should only be possible via SSL What I did: -> pgpool.conf (beside all other entries for replication, ports etc. - ssl = true, ssl_key + ssl_cert point to the correct ssl files - enable_pool_hba = true - pool_password build with pg_md5 --md5aut pool_hba.conf =========== local all postgres trust hostssl all all 0.0.0.0/0 md5 pg_hba.conf ========= # TYPE DATABASE USER CIDR-ADDRESS METHOD local all postgres trust hostssl all postgres 127.0.0.1/0 md5 Result: - connecting locally: -> md5 authentication is unsupported in replication, - connecting from different hosts: -> able to connect with AND WITHOUT ??? SSL by supplying the password Then I changed pg_hba.conf the following: pg_hba.conf ========= # TYPE DATABASE USER CIDR-ADDRESS METHOD local all postgres trust host all postgres 127.0.0.1/0 trust hostssl all postgres 127.0.0.1/0 md5 Result: - connection local: -> ok, connect without pw (trust) possible - connecting from different host: -> able to connect with AND WITHOUT SSL ??? and with and WITHOUT supplying a password ??? :-( Question: - is it possible to configure what I want ? - How ? Any help is highly appreciated. TIA acki4711 _______________________________________________ Pgpool-general mailing list [email protected] http://pgfoundry.org/mailman/listinfo/pgpool-general
