Bhanu Murthy wrote: > handsfree wrote: >> We're looking to use streaming replication to a target via a secondary host >> using stunnel. > I could think of 2 possible solutions: [...] > 2. Use streaming replication config features to secure traffic (encrypted data over TCP) > > Master configuration on machine-A: > =>Update replication line in pg_hba.conf to "hostssl" > > Slave configuration on machine-B: > => primary_conninfo='host=machine-A port=5432 sslmode=require' > or > => primary_conninfo='host=machine-A port=5432 sslmode=verify-ca' > > You could then use cascading replication (available from postgres 9.2) from machine-B to machine-C. That would be the best solution, but I ran into a problem with it: http://www.postgresql.org/message-id/D960CB61B694CF459DCFB4B0128514C208A4E93C@xxxxxxxxxxxxxxxxxxxxxxxxxx It still works, but the replication connection is lost and restarted whenever SSL renegotiation takes place. I wasn't able to figure out what causes the problem. Yours, Laurenz Albe -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
