Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request

Поиск
Список
Период
Сортировка
От Craig Ringer
Тема Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request
Дата
Msg-id 4BFC603A.8050201@postnewspapers.com.au
обсуждение исходный текст
Ответ на Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request
Список pgsql-bugs
Дерево обсуждения 
On 26/05/10 07:37, Tom Lane wrote:
> Craig Ringer<craig@postnewspapers.com.au>  writes:
>> I do *not* have the CA cert concatenated onto server.crt. I'll have to
>> see if that works, because that's how it's usually done with OpenSSL.
>
> Hmm.  That case doesn't work for me; what does work is including the
> intermediate cert in the server's root.crt.

Sorry, that was my poor choice of words.

s/the CA cert/the full certificate chain/g

It is the intermediate certs that the client may not have that are the
important ones. 'the CA' I was referring to was the _intermediate_ CA,
eg the company sub-CA; I just needed to be (a lot) clearer about it.

--
Craig Ringer

В списке pgsql-bugs по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request
Следующее
От: Tom Lane
Дата:
Сообщение: Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request