Tom Lane wrote:
Tom Allison <tom@xxxxxxxxxxx> writes:
host all all 127.0.0.1/32 md5
hostssl all all 192.168.0.1/24 md5
^^^^^^^^^^^^^^
That needs to be 192.168.0.0/24 ... as is, it won't match anything.
But I have a localhost client that can't log in because it keeps trying to
authenticate via SSL.
Sorry, I mixed it up.
Copying from the pg_hba.conf:
# Database administrative login by UNIX sockets
local all postgres ident sameuser
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host dbmail all 127.0.0.1/32 md5
host all all 192.168.1.0/24 md5
host all all 192.168.0.0/24 md5
# IPv6 local connections:
host all all ::1/128 md5
I would like to be able to set change the lines maching 192.168...
to
hostssl all all 192.168....
and set ssl=true in postgres.conf
But when I do, the localhost connections try to do ssl first and then fail.
Setting
hostnossl dbmail all 127.0.0.1/32 md5
didn't seem to help but I might have missed something at the time.
