Yes if the database is not on the same physical machine or if the machine
is not exclusively under your control.
The connection with the clients is different from the connection of the
server with the database.
On Saturday, 15 June 2019 22:54:56 UTC-7, Vlad wrote:
>
> Here is a quote from the web2py docs:
>
> "Making a secure connection
> Sometimes it is necessary (and advised) to connect to your database using
> secure connection, especially if your database is not on the same server as
> your application. In this case you need to pass additional parameters to
> the database driver. You should refer to database driver documentation for
> details.
> For PostgreSQL with psycopg2 it should look like this:
> DAL('postgres://user_name:user_password@server_addr/db_name',
> driver_args={'sslmode': 'require', 'sslrootcert': 'root.crt',
> 'sslcert': 'postgresql.crt', 'sslkey': 'postgresql.key'})"
> <<END QUOTE>>
>
> I am wondering if this feature is still necessary for a secure db
> connection in case I anyway use SSL for the site.
>
> Does this secure postgres feature need to be used on top of existing SSL
> connection? Or it's rather for non-ssl site to make a db connection secure?
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/web2py/e895a870-df52-45d7-8afa-6c49cb52444c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
