Skip to content

Ability to reject non-SSL connections #4357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
refset opened this issue Apr 11, 2025 · 0 comments
Open

Ability to reject non-SSL connections #4357

refset opened this issue Apr 11, 2025 · 0 comments
Labels
pgwire security

Comments

@refset
Copy link
Contributor

refset commented Apr 11, 2025
edited by jarohen
Loading

e.g. Postgres achieves this via a configuration in pg_hba.conf:

# Disallow non-SSL
hostnossl all all 0.0.0.0/0 reject
@refset refset added the pgwire label Apr 11, 2025
@refset refset added this to 2.x Apr 11, 2025
@github-project-automation github-project-automation bot moved this to 💭 Backlog in 2.x Apr 11, 2025
@refset refset changed the title Disallow non-SSL pgwire connections when SSL is enabled Use of non-SSL pgwire connections may leak data/credentials (when SSL is enabled) Apr 14, 2025
@refset refset changed the title Use of non-SSL pgwire connections may leak data/credentials (when SSL is enabled) Ability to reject non-SSL connections Apr 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pgwire security
Projects
2.x
Status: 💭 Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@refset