| From: | Muhammad Bashir Al-Noimi <mbnoimi(at)gmail(dot)com> |
|---|---|
| To: | jeff(dot)janes(at)gmail(dot)com |
| Cc: | adrian(dot)klaver(at)gmail(dot)com, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Force ssl connection |
| Date: | 2013-07-09 20:55:18 |
| Message-ID: | 51DC78B6.5060603@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 07/09/2013 07:54 PM, Jeff Janes wrote:
> On Tue, Jul 9, 2013 at 10:02 AM, Muhammad Bashir Al-Noimi
> <mbnoimi(at)gmail(dot)com> wrote:
>> So may you please be more specific, what's wrong in my configurations?
>>
>> My pg_hba.conf content is:
>>
>> local all postgres peer
>> local all all peer
>> host all all 127.0.0.1/32 md5
>> host all all ::1/128 md5
>> host all all 0.0.0.0/0 md5
>> hostssl all all 0.0.0.0/0 md5
>> hostnossl all all 0.0.0.0/0 reject
> The line below accepts all connections, whether ssl or nossl:
>
> host all all 0.0.0.0/0 md5
>
> It takes precedence over the reject line, as it occurs in the file
> before the reject.
>
> If you remove that line, then you don't need the reject line at all.
I commented it and restarted the server but I still get same result!
How can I absolutely be sure that my server rejects not ssl connections?
--
Best Regards,
Muhammad Bashir Al-Noimi
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Janes | 2013-07-09 21:14:57 | Re: Force ssl connection |
| Previous Message | Merlin Moncure | 2013-07-09 20:20:24 | Re: pg 9.2.4 dblink |