Re: doc patch for ssl in server

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: doc patch for ssl in server
Дата
Msg-id 9752.1095971872@sss.pgh.pa.us
обсуждение исходный текст
Ответ на doc patch for ssl in server  (Dominic Mitchell <dom@happygiraffe.net>)
Ответы Re: doc patch for ssl in server
Список pgsql-patches
Дерево обсуждения 
Dominic Mitchell <dom@happygiraffe.net> writes:
> +   If verification of client certificates is required, place the
> +   certificates of the <acronym>CA</acronym> you wish to check for in
> +   the file <filename>root.crt</filename> in the data directory.  When
> +   present, a client certificate will be requested from the client
> +   making the connection and it must have been signed by one of the
> +   certificates present in <filename>root.crt</filename>.  If no
> +   certificate is presented, the connection will be allowed to proceed
> +   anway.

That last statement is not actually correct, is it?  AFAICS we do tell
SSL to enforce certificates if we find a valid root.crt file.

            regards, tom lane

В списке pgsql-patches по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: psql: rollback only last query on error
Следующее
От: dom@happygiraffe.net (Dominic Mitchell)
Дата:
Сообщение: Re: doc patch for ssl in server