Re: [HACKERS] [PATCH] Reload SSL certificates on SIGHUP

From Andreas Karlsson
Subject Re: [HACKERS] [PATCH] Reload SSL certificates on SIGHUP
Date
Msg-id 7fca80da-0274-3f36-eb25-d53f940c1977@proxel.se
In response to Re: [HACKERS] [PATCH] Reload SSL certificates on SIGHUP  (Magnus Hagander <magnus@hagander.net>)
Responses Re: [HACKERS] [PATCH] Reload SSL certificates on SIGHUP  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
On 01/04/2017 03:48 PM, Magnus Hagander wrote:
> On Wed, Jan 4, 2017 at 3:47 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>     It does not; what would be the point, if the key would be lost at
>     SIGHUP?
>
> If we lost it, yes. But we could keep the old key around if it hasn't
> changed, thus behave just like we did in <= 9.6.

That means storing the pass phrase in the memory of the postmaster,
which does not sound like a terribly good idea to me, but I have never
used keys with pass phrases for daemons so it might be a common solution
which is acceptable to many.

>     If any of those number of people want to step up and design/implement
>     a non-broken solution for passphrases, that'd be fine with me.  But
>     I would want to see something that's actually a credible solution,
>     allowing the postmaster to be started as a normal daemon.  And working
>     on Windows.
>
> Well, for all those people 9.6 worked significantly better... Because
> they could reload *other* config parameters without failure.

A possible solution might be to only add the error throwing hook when
loading certificates during SIGHUP (and on Windows) and to work as
before on startup. Would that be an acceptable solution? I could write a
patch for this if people are interested.

Andreas


