Re: php, postgres, ssl

I agree, something like that would be one of the better solutions. Have a
separate layer worrying about the traffic being encrypted and have php and
the database talk as if everything is standard.

But I am mostly concerned why the PHP app would be connecting across the
internet directly to the database.

As far as the "requiressl", I have never seen it used with PHP. Maybe it
falls under the "options" parameter. Be interesting if someone tried it.

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com
----- Original Message -----
From: "Michael Fork" <mfork(at)toledolink(dot)com>
To: "Adam Lang" <aalang(at)rutgersinsurance(dot)com>
Cc: <pgsql-php(at)postgresql(dot)org>
Sent: Wednesday, March 21, 2001 5:09 PM
Subject: Re: [PHP] php, postgres, ssl

> There are a couple of things you can do to establish a secure connection
> between a remote postgres server and any other server.
>
> One is using SSH tunnels:
> http://www.postgresql.org/users-lounge/docs/7.0/admin/security1530.htm
>
> Another is to establish your connection with "requiressl=true" as part of
> the options strings under libpq -- which, since PHP uses libpq, I belive
> should work under PHP as pg_Connect("host=server dbname=db user=me
> password=pass requiressl=true") (and if it doesn't work, it should be able
> to be added easily).
>
> I haven't actually done either of these, but I also don't see any reason
> why these wouldn't work :)