On Fri, Sep 25, 2020 at 09:33:48AM +0900, Kyotaro Horiguchi wrote:
> At Thu, 24 Sep 2020 11:43:40 -0400, Bruce Momjian <bruce@momjian.us> wrote in
> > On Thu, Sep 24, 2020 at 12:44:01PM +0900, Michael Paquier wrote:
> > > On Tue, Sep 01, 2020 at 10:27:03PM -0400, Bruce Momjian wrote:
> > > > OK, good. Let's wait a few days and I will then apply it for PG 14.
> > >
> > > It has been a few days, and nothing has happened here. I have not
> > > looked at the patch in details, so I cannot say if that's fine or not,
> > > but please note that the patch fails to apply per the CF bot.
> >
> > I will handle it.
>
> Thank you Bruce, Michael. This is a rebased version.
>
> regards.
>
> --
> Kyotaro Horiguchi
> NTT Open Source Software Center
> >From 2978479ada887284eae0ed36c8acf29f1a002feb Mon Sep 17 00:00:00 2001
> From: Kyotaro Horiguchi <horikyoga.ntt@gmail.com>
> Date: Tue, 21 Jul 2020 23:01:27 +0900
> Subject: [PATCH v2] Allow directory name for GUC ssl_crl_file and connection
> option sslcrl
>
> X509_STORE_load_locations accepts a directory, which leads to
> on-demand loading method with which method only relevant CRLs are
> loaded.
Uh, I think this CRL patch is the wrong patch. This thread is about the
clientcert=verify-ca in pg_hba.conf. I will use the patch I developed
and posted on Tue, 1 Sep 2020 11:47:34 -0400 in this thread.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee