Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request
В списке pgsql-bugs по дате отправления:
| От | Craig Ringer |
|---|---|
| Тема | Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request |
| Дата | |
| Msg-id | 4BFC603A.8050201@postnewspapers.com.au обсуждение исходный текст |
| Ответ на | Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request
|
| Список | pgsql-bugs |
On 26/05/10 07:37, Tom Lane wrote: > Craig Ringer<craig@postnewspapers.com.au> writes: >> I do *not* have the CA cert concatenated onto server.crt. I'll have to >> see if that works, because that's how it's usually done with OpenSSL. > > Hmm. That case doesn't work for me; what does work is including the > intermediate cert in the server's root.crt. Sorry, that was my poor choice of words. s/the CA cert/the full certificate chain/g It is the intermediate certs that the client may not have that are the important ones. 'the CA' I was referring to was the _intermediate_ CA, eg the company sub-CA; I just needed to be (a lot) clearer about it. -- Craig Ringer
В списке pgsql-bugs по дате отправления:
Сайт использует файлы cookie для корректной работы и повышения удобства. Нажимая кнопку «Принять» или продолжая пользоваться сайтом, вы соглашаетесь на их использование в соответствии с Политикой в отношении обработки cookie ООО «ППГ», в том числе на передачу данных из файлов cookie сторонним статистическим и рекламным службам. Вы можете управлять настройками cookie через параметры вашего браузера