Hello,
We are looking to provide openssl methodology into our testing environment. I've run into this issue
when attempting to access from a client to a remote postgres server after SSL configuration:
from client
10.10.4.34:
psql -U postgres marktst -h 10.10.4.52
psql: FATAL: no pg_hba.conf entry for host "10.10.4.34", user "postgres", database "marktst", SSL off
You might back off from ssl, client authentication just to see what happens with:
this will provide the client auth of the server and require a password auth for the client. Hopefully that works first. I've seen your msg and had some effect with the following env variable, but it's probably a long shot:
"PGSSLMODE behaves the same as the
sslmode"
PGSSLMODE=verify-full will cause the client to verify that the CN on the server certificate matches the hostname of the server. disable will only try a non-
SSL connection which will not be compatible with the pg_hba config.
It is a bit of a fishing expedition.