John Scalia <jayknowsunix@gmail.com> writes:
> The only entries are a local connection line with md5 authentication specified and a line for local replication with
atrust authentication. Both of these entries do seem to be working properly.
So the client is trying an SSL connection first (which would be the
default behavior for libpq at least), and that falls through the
hostnossl line and is captured by the md5 line. Hence you get a
password prompt. The client has no way to know that a non-SSL
connection would have gotten a different response.
You could change the md5 line to hostssl, perhaps. Or configure
the client to try non-SSL first (see sslprefer).
regards, tom lane