[pgpool-hackers: 3000] Re: New feature: supporting SCRAM and CERT based authentication in Pgpool-II
ishii at sraoss.co.jp
Mon Aug 27 17:26:44 JST 2018
Thanks for the patch.
I assume this is going to be handled in 4.1 development cycle unless
otherwise Usama wants to import into 4.0.
SRA OSS, Inc. Japan
From: Jesper Pedersen <jesper.pedersen at redhat.com>
Subject: [pgpool-hackers: 2993] Re: New feature: supporting SCRAM and CERT based authentication in Pgpool-II
Date: Fri, 24 Aug 2018 12:12:12 -0400
Message-ID: <c01c739b-8720-cc93-7f9e-b9fab275de25 at redhat.com>
> On 08/23/2018 01:53 PM, Jesper Pedersen wrote:
>> I think we should add a _pgpool_ identifier to the SSL configuration
>> to make it clear that its 2) that is being supported at the moment,
>> like ssl_pgpool_cert and so on. 3) and 4) could be ssl_backend_ based
> Here is a start in that direction. I added the documentation for the
> ssl_backend_ settings, but those needs a discussion. They are
> * ssl_backend_users_cert_dir
> Maybe just a directory structure, like
> and so on, if option is 'sslusers'.
> * ssl_backend_mode
> I think we can assume that all connections share their policy. Default
> is require.
> * ssl_backend_cert_auth
> Certificate authority. Shared by all connections.
> * ssl_backend_cert_revoke_list
> Certificate revoke list. Shared by all connections.
> FYI, I havn't looked at the Client to Pgpool-II part yet in detail.
> Best regards,
More information about the pgpool-hackers