On Mon, 2007-07-09 at 09:05 +0200, Koen Vermeer wrote:
> I want to set up a database server that is connected to the Internet.
> Therefore, I want my users to use SSL/TLS certificates. I provide these
> certificates to the users, so I can control the information that is in
> there. Now, I know that I can set up PostgreSQL to use SSL/TLS, but I am
> unable to find a way to map a SSL/TLS certificate to a specific user.
> Is there a way to set this up? If so, how?
> Thanks for any pointers!
Despite the somewhat less than overwhelming number of replies, I think I
found a way around this. Just in case someone else may be looking for
this:
In contrib, there is something called 'sslinfo', which provides details
of the X509 certificate that was used by the client for the session.
Based on that, I can validate whether a username indeed matches the
certificate, or make sure a user can only get data matching some field
in the table to a field of the certificate, which probably is all I
need.
Koen