Re: BUG #5008: Server Startup Problem - When server is configured for SSL

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: Jalaj Negi <jalajsinghnegi(at)gmail(dot)com>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #5008: Server Startup Problem - When server is configured for SSL
Date: 2009-08-26 20:47:04
Message-ID: 19753.1251319624@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

Magnus Hagander <magnus(at)hagander(dot)net> writes:
> On Wed, Aug 26, 2009 at 15:57, Tom Lane<tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>>> But that will still fail if the user has set it up to require a client
>>> certificate.
>>
>> But not till it gets to the pg_hba checks. We might need to have some

> How would that be different from what we have now? sslmode=prefer will
> still allow both ssl and non-ssl connection. It won't kick you out
> until you reach the hba processing, will it?

Hm, will it retry if the ssl setup step fails? If so it'd be all right,
but it's still a waste of cycles ...

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Alvaro Herrera 2009-08-26 20:55:18 Re: BUG #5012: mailing list VERP addresses not sender-verifiable
Previous Message Greg Stark 2009-08-26 20:46:12 Re: BUG #5012: mailing list VERP addresses not sender-verifiable