Jorge Godoy wrote: >> What does pg_hba.conf look like? > > I don't know if I misunderstood him, but I thought he was > willing to have SSL on both sides, i.e., both the client > and the server identify themselves trough SSL certificates. I had the same impression. > Even though one can require connections using only SSL on the > server side, I don't see a method (in pg_hba.conf) that > would allow clients with SSL certificates. Nor do I. The complaint was that he could connect even if he didn't have a valid client certificate. That would mean that the connection was not established with SSL. I want to see the pg_hba.conf to see if there is an entry that allows him to connect without using SSL, like a "host" entry. Yours, Laurenz Albe ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
