Ray Stell <stellr@cns.vt.edu> writes:
> I was hoping to not have to support client certs. I want
> encryption and to verify the server, but no to verify the client.
> Does this work and I've got the config wrong?
Maybe I misunderstand what you want --- doesn't leaving out the
server's root.crt file do that?
regards, tom lane