Re: Upcoming re-releases

From Magnus Hagander
Subject Re: Upcoming re-releases
Date
Msg-id 6BCB9D8A16AC4241919521715F4D8BCEA0F77A@algol.sollentuna.se
In response to Upcoming re-releases  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Upcoming re-releases  (Tom Lane <tgl@sss.pgh.pa.us>)
Re: Upcoming re-releases  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
> I'm not sure whether our current SSL support does a good job of this
> --- I think it only tries to check whether the server
> presents a valid certificate, not which cert it is.  Possibly
> Kerberos does more, but I dunno a thing about that...

If you stick a root certificate (root.crt in ~/.postgresql) for it to
validate against, it will be validated against that root. I'm not sure
if it validates the common name of the cert though - that would be an
issue if you're using a global CA. If you're using a local enterprise
CA, that's a much smaller issue (because you yourself have total control
over who gets certificates issued by the CA).

The way our Kerberos implementation is done, it does *not* validate the
server, just the client. If you want server verification, you must use a
combination of both Kerberos and SSL.

//Magnus
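
The difference between validating a certificate against a root and validating which host it names, shown with the openssl command line. This is an added example, not part of the original message and not PostgreSQL code; the CA subject, the host names and the file names are constructed, and it assumes an `openssl` binary (1.1.0 or later) with its default configuration file.

```bash
#!/usr/bin/env bash
# Constructed demo: every name below (CA subject, host names, files) is made up.
set -u

# Build a throwaway CA (root.crt) and two server certificates signed by it.
make_pki() {   # make_pki <dir>
    openssl req -x509 -new -nodes -newkey rsa:2048 -days 1 \
        -subj "/CN=Constructed Demo CA" \
        -keyout "$1/root.key" -out "$1/root.crt" 2>/dev/null || return 1
    for host in db.example.internal other.example.internal; do
        openssl req -new -nodes -newkey rsa:2048 -subj "/CN=$host" \
            -keyout "$1/$host.key" -out "$1/$host.csr" 2>/dev/null || return 1
        openssl x509 -req -in "$1/$host.csr" -days 1 \
            -CA "$1/root.crt" -CAkey "$1/root.key" -CAcreateserial \
            -out "$1/$host.crt" 2>/dev/null || return 1
    done
}

# Chain check only: does the certificate chain up to root.crt?
chain_ok() {   # chain_ok <dir> <cert-host>
    openssl verify -CAfile "$1/root.crt" "$1/$2.crt" >/dev/null 2>&1
}

# Chain check plus name check: was it also issued for the host we meant to reach?
chain_and_name_ok() {   # chain_and_name_ok <dir> <cert-host> <expected-host>
    openssl verify -CAfile "$1/root.crt" -verify_hostname "$3" \
        "$1/$2.crt" >/dev/null 2>&1
}

# Report both checks for a client that intends to reach db.example.internal.
report() {   # report <dir>
    for presented in db.example.internal other.example.internal; do
        chain_ok "$1" "$presented" && c=accept || c=reject
        chain_and_name_ok "$1" "$presented" db.example.internal && n=accept || n=reject
        echo "presented=$presented chain-only=$c chain+name=$n"
    done
}

dir=$(mktemp -d) && make_pki "$dir" && report "$dir"
rm -rf "$dir"
```

Both certificates pass the chain-only check because the same CA issued them; only the name check tells the intended server apart from any other holder of a certificate from that CA.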

