On Tue, May 31, 2011 at 10:06, Craig Ringer <craig@postnewspapers.com.au> wrote:
> On 31/05/11 15:40, Asia wrote:
>
>> Would you please advise what I am doing wrong? Or maybe there is other way to generate wildcard certificate ? Or
maybethis is a possible bug?
>
> I wouldn't be surprised if libpq didn't support wildcard certificates at
> all. I doubt there's ever been any demand for them.
It certainly does, and it's an important feature.
However, it's not intended to be used with IPs, it's intended to be
used with hostnames. The wildcard pattern has to start with "*."
(including the dot) to be considered. Thus a simple '*' in the
wildcard will not work, and anything starting with '*.' will never
match all IPs.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/