On Wed, Jun 3, 2020 at 03:07:30PM +0300, Ants Aasma wrote:
> On Tue, 2 Jun 2020 at 20:14, Bruce Momjian <bruce@momjian.us> wrote:
>
> The server certificate should be issued by a certificate authority root
> outside of your organization only if you want people outside of your
> organization to trust your server certificate, but you are then asking
> for the client to only trust an intermediate inside your organization.
> The big question is why bother having the server certificate chain to a
> root certificat you don't trust when you have no intention of having
> clients outside of your organization trust the server certificate.
> Postgres could be made to handle such cases, but is is really a valid
> configuration we should support?
>
>
> I think the "why" the org cert is not root was already made clear, that is the
> copmany policy. I don't think postgres should take a stance whether the
> certificate designated as the root of trust is self-signed or claims to get its
> power from somewhere else.
Uh, we sure can. We disallow many configurations that we consider
unsafe. openssl allowed a lot of things, and their flexibility make
them less secure.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee