7 okt 2009 kl. 09.47 skrev Klaus Darilion:
Olle E. Johansson schrieb:
The db_postgres documentation doesn't say much about anything, really... Is there support for TLS connections and how do I configure it if it exist?
Do you need client authentication? If not, AFAIK the connection the postgresql is TLS if configured on the postgresql server.
Well, I need to be able to control the server certificate verification on the client side. And have an option to enable/disable SSL, set crypto mechanisms, authentication options and so on...
/etc/postgresql/8.1/main/pg_hba.conf:
# This file controls: which hosts are allowed to connect, how clients # are authenticated, which PostgreSQL user names they can use, which # databases they can access. Records take one of these forms: # # local DATABASE USER METHOD [OPTION] # host DATABASE USER CIDR-ADDRESS METHOD [OPTION] # hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTION] # hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTION] # # (The uppercase items must be replaced by actual values.) # # The first field is the connection type: "local" is a Unix-domain socket, # "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an # SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
Happily, I am able to cover the whole server thing with a SEP field. Somebody-elses-problem :-)
Thanks!
/O