Thx John,
It got me a long way. I actually have a more complex installation (I think)
that I originally thought on my test linux box. Looks like all the files that
I modify are under /var/lib/post../coord.
I added the line.. to pg_hba.conf
hostssl all all 127.0.0.1/32 cert
and after restarting the coordinator node, it errored because I had to modify
postgresql.conf (ssl=off) . So I feel that the server is now running in SSL
mode.
But when I used psql...I'm getting this....
==============
postgres-xc@adminuser-VirtualBox:~/coord$ psql -h localhost testdb
psql (PGXC 1.0.0, based on PG 9.1.4)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
Type "help" for help.
testdb=# select 2+2;
?column?
----------
4
(1 row)
testdb=# \q
==============
It's telling me it's through an SSL connection, but I didn't specify any
keystore on my side for psql? Does it pick it up from somewhere?
Any help is greatly appreciated :)
Postgresql isn't half bad ;)
From: [email protected]
[mailto:[email protected]] On Behalf Of John R Pierce
Sent: Thursday, February 21, 2013 11:04 PM
To: [email protected]
Subject: Re: [GENERAL] confirming security.
On 2/21/2013 7:55 PM, Maz Mohammadi wrote:
When I start the server, there is no change in the authentication. I can still
login using psql for the same person.
did you disable other authentication methods in pg_hba.conf ? I would
leave the LOCAL line as peer, and use ssl for HOST lines, then to test, use
psql -h localhost .....
--
john r pierce 37N 122W
somewhere on the middle of the left coast
