Please accept my apologies : my server.cert file was not the good one
(not generated with the server.key file... damn it! :) )
May be it would be nice if some debug could be printed in the log?
Once again, thank you for PgPool-II!
/Erwan
On 03/11/2011 06:46 PM, Erwan wrote:
Hi there,
I'm a total beginner with pgpool-II which I would like to use as a
full load balancer for my read queries.
Everything works great and now I try to have a full SSL communication
between my client and pgpool-II.
To do this I recompile it with the following configure command:
./configure --prefix=/usr/local/pgpool-II-3.0.3_with_ssl --with-openssl
make
make install
Then I change my pgpool.conf:
...
ssl = true
ssl_key = '/usr/local/pgpool-II-3.0.3_with_ssl/etc/server.key'
ssl_cert = '/usr/local/pgpool-II-3.0.3_with_ssl/etc/server.cert'
...
I launch pgpool-II with this command:
/usr/local/pgpool-II-3.0.3_with_ssl/bin/pgpool -f
/usr/local/pgpool-II-3.0.3_with_ssl/etc/pgpool.conf -F
/usr/local/pgpool-II-3.0.3_with_ssl/etc/pcp.conf -c >>
/tmp/pgpool-II.log 2>&1 &
Thanks to wireshark, I can read the network stream between my client
and pgpool-II... and I can see that my password is transferred in
clear text with my new SSL configuration.
I got nothing special in my log (about misconfiguration or something
else...) so I'm a little lost.
I presume I did something wrong or maybe forgot something or most
probably I didn't understand something.
Any clue about secured communication between client and pgpool-II will
be greatly appreciated.
And per advance forgive my question if it's a stupid one :)
Thanks
/Erwan
_______________________________________________
Pgpool-general mailing list
[email protected]
http://pgfoundry.org/mailman/listinfo/pgpool-general
_______________________________________________
Pgpool-general mailing list
[email protected]
http://pgfoundry.org/mailman/listinfo/pgpool-general
