Re: To whom an SSL client crt (postgresql.crt) is issued

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: To whom an SSL client crt (postgresql.crt) is issued
Дата
Msg-id 20253.1134972488@sss.pgh.pa.us
обсуждение исходный текст
Ответ на To whom an SSL client crt (postgresql.crt) is issued  (k.p.d.lehre@medisin.uio.no)
Список pgsql-interfaces
Дерево обсуждения 
k.p.d.lehre@medisin.uio.no writes:
> The docs do not mention that the client crt has to be issued
> to the user trying to log on. Isn't it a point TO WHOM the client crt is
> issued? Is this the way it is meant to be?

Restricting that would require assumptions-not-in-evidence about
certificate issuers using names that sync with database user names.
But perhaps more to the point, Postgres does not use SSL certificates
as a user authentication mechanism, only as a transport privacy
mechanism.  Using SSL is not sufficient grounds for deciding you
can use "trust" auth mode.
        regards, tom lane

В списке pgsql-interfaces по дате отправления:

Предыдущее
От: k.p.d.lehre@medisin.uio.no
Дата:
Сообщение: To whom an SSL client crt (postgresql.crt) is issued
Следующее
От: jmadm
Дата:
Сообщение: Cursors for update.., we have to port an informix 9.x appication using cursors for update