<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Fraser Campbell wrote:
<blockquote cite="mid200501071538.47675.fraser-eicrhRFjby5dCsDujFhwbypxlwaOVQ5f@public.gmane.org"
type="cite">
<pre wrap="">On Friday 07 January 2005 10:50, Sergey Kuznetsov wrote:
</pre>
<blockquote type="cite">
<pre wrap="">By the way, I just adore the SSL-feature of PG. It allows me to connect
to PG from any place thru Internet and not afraid if someone will intercept
my data.
</pre>
</blockquote>
<pre wrap=""><!---->
I can see the application of SSL in a LAN/DMZ environment but I hate the
thought of exposing another daemon to the Internet ... if the IPs allowed
access are limited by firewall rules then I'd feel better about it.
</pre>
</blockquote>
SSL is integrated into PG itself. It listens on the main PG port.
It recognizes SSL or non-SSL<br>
connection, based on pg_hba.conf record entry.<br>
<br>
Here is the example:<br>
<br>
hostssl dbname1 user1 10.0.0.1 255.255.255.255 trust<br>
host dbname2 user1 10.0.0.1 255.255.255.255 trust<br>
(I know that trust is quite insecure, but this is example =)<br>
<br>
it this example you can connect to securely to dbname1 as user1, and
without SSL to dbname2 at the same computer.<br>
<br>
<br>
<blockquote cite="mid200501071538.47675.fraser-eicrhRFjby5dCsDujFhwbypxlwaOVQ5f@public.gmane.org"
type="cite">
<blockquote type="cite">
<pre wrap="">All my Perl-scripts connects only thru SSL-enabled connection.
I don't know if any other DB allows that.
</pre>
</blockquote>
<pre wrap=""><!---->
mysql does for sure, whether as well as pg I have no idea.
</pre>
</blockquote>
It possible to do with any DB via stunnel trick.<br>
<br>
<br>
All the Best!<br>
Sergey<br>
<br>
</body>
</html>