postgresql_cluster icon indicating copy to clipboard operation
postgresql_cluster copied to clipboard

Published 20 hours ago verified publisher icon vitabaks

Can't connect to db, using SSL certificate over pgbouncer.

Open davideferrero opened this issue 1 year ago • 3 comments

Hi everyone!

We just finished configuring the PostgreSQL cluster, and everything looks great! We have set up the SSL connection for the cluster. However, when we try to connect to the VIP at port 5000, we go through pgbouncer, and it doesn't allow SSL connections. Instead, if we connect directly to the node at port 5432, we establish the SSL connection without any issues.

❯ PGSSLMODE=require psql --host pgdebian2.test.it.lan --port 5000 --user testuser --db test --password Password: psql: error: connection to server at "pgdebian2.test.it.lan" (192.168.43.51), port 5000 failed: server does not support SSL, but SSL was required

Thanks a lot! :)

davideferrero avatar Feb 21 '24 16:02 davideferrero

Hey Davide!

you can add the following lines to /etc/pgbouncer/pgbouncer.ini to enable tls:

client_tls_sslmode = allow
client_tls_key_file = <key file path>
client_tls_cert_file = <cert file path>

It would be nice to add these configurations via playbook variables, i wonder if this is supported

n-borges avatar Feb 21 '24 17:02 n-borges

Feel free to create a PR.

vitabaks avatar Feb 21 '24 17:02 vitabaks

Feel free to create a PR.

I will happily work on it in the next few days

n-borges avatar Feb 22 '24 17:02 n-borges