On 5/2/23 13:15, Tomas Pospisek wrote:
Oh, I think your idea to use pgbouncer to take care of the SSL
termination is elegant. I don't think me I'd characterize it as a hack
if properly set up. Why do you consider it a hack?
*t
Let me guess: postgres IS NOT listening on the other port, pgbouncer is
with it's own users and mappings and protocol setup and then sending
what ever's encrypted to the actual port postgres is listening on
which could have been used directly (with maybe on less cert?)
I use pgbouncer btw. For balance.