On Wednesday, September 07, 2011 4:49:30 am Asia wrote:
>
> The problem is that I believe that this configuration could be better but I
> cannot put part of CA chain in root.crt as it was advised.
> For Java it all depends on current SSL Factory implementation, I was using
> the default one. If I wrote my own implementation I would probably be able
> to have common with libpq, requiring the least info, configuration (but
> actually I would prefer to avoid it).
You might want to take a look at the below and see if it helps:
http://jdbc.postgresql.org/documentation/head/ssl-client.html
>
> Kind regards,
> Joanna
--
Adrian Klaver
adrian.klaver@gmail.com