[pgpool-hackers: 3486] Re: Cert auth in Pgpool-II
Tatsuo Ishii
ishii at sraoss.co.jp
Wed Jan 8 10:28:18 JST 2020
> Hi Usama,
>
> Pgpool-II does support certificate authentication between client and
> Pgpool-II but it does not support verify option. i.e. it treats as if
> "clientcert=verify-full" in pg_hba.conf.
I confirmed this.
t-ishii$ PGSSLCERT=/home/t-ishii/work/Pgpool-II/current/pgpool2/src/test/regression/tests/024.cert_auth/frontend.crt PGSSLKEY=/home/t-ishii/work/Pgpool-II/current/pgpool2/src/test/regression/tests/024.cert_auth/frontend.key psql --set=sslmode=require -h localhost -p 11000 -U foo test
psql: error: could not connect to server: ERROR: CERT authentication failed
DETAIL: no valid certificate presented
FATAL: client authentication failed
DETAIL: no pool_hba.conf entry for host "127.0.0.1", user "foo", database "test", SSL off
HINT: see pgpool log for details
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
More information about the pgpool-hackers
mailing list