[Kea-users] TLS support for isc-kea-pgsql in pre-built packages
Francis Dupont
fdupont at isc.org
Mon Jun 2 21:42:46 UTC 2025
Wilhelm Wijkander writes:
> I noticed that the isc-kea-pgsql Debian package seems to be built
> without --enable-pgsql-ssl
=> a bad and a good news about this:
- first in fact the code when the configuration option is broken (it never
compiled) and obsolete (it triggers OpenSSL initialization which is done
for OpenSSL version > 1.1.0). The configuration option and the corresponding
code was removed when we moved to autotools so in the coming 3.0.0 release.
- second this brought our attention on PostgreSQL support of TLS setup in
not very old versions so we plan to update the Kea code to an equivalent
of what is available for MySQL/MariaDB using the libpq API.
Note until this you can use the PostgreSQL configuration as BTW you should
for SQL scripts and of course the server itself (Kea and scripts are SQL
clients). I leave my colleague which raised this point to add details.
Regards
Francis Dupont <fdupont at isc.org>
More information about the Kea-users
mailing list