On Fri, Feb 12, 2016 at 5:20 AM, Lesley Kimmel
<lesley.j.kimmel@gmail.com> wrote:
> Thanks for the reply Laurenz. Of course the first thing that I thought of to
> prevent man-in-the-middle was SSL. However, I also like to try to address
> the issue in a way that seems to get at what they are intending. It seemed
> to me that they wanted to do some configuration within the database related
> to session IDs.
As far as server configuration, you can configure your server to only
accept ssl connections in pg_hba.conf. You should also configure your
clients to do sslmode=verify-full on the ssl certificate sent to them
by the server (which is not the default).
Cheers,
Jeff