Re: Support for hardware tokens for server/replication private key

Поиск
Список
Период
Сортировка
От Magnus Hagander
Тема Re: Support for hardware tokens for server/replication private key
Дата
Msg-id CABUevEzw1paQWd8nbbz+G=WPhdR1fWKZwxnWV=MOOomxD3m=1Q@mail.gmail.com
обсуждение исходный текст
Ответ на Support for hardware tokens for server/replication private key  (mdaswani <md@quintessencelabs.com>)
Ответы Re: Support for hardware tokens for server/replication private key  (mdaswani <md@quintessencelabs.com>)
Список pgsql-general
Дерево обсуждения
On Thu, Dec 3, 2015 at 5:31 AM, mdaswani <md@quintessencelabs.com> wrote:
Hi,

Postgres allows client-side SSL requests to use secret keys on hardware
tokens via OpenSSL engine support. Is there an equivalent way to store the
server key on a hardware token.

Similarly, is it possible to specify private keys on a hardware token for
replication connections? Does the sslkey parameter of the primary_conninfo
string in the recovery.conf file accept an OpenSSL Engine token key?

While I haven't tested it and haven't heard of anybody else who has, it should work. From a libpq perspective ,the replication standby is "just another client", so any parameters that work for libpq should work there. 

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

В списке pgsql-general по дате отправления:

Предыдущее
От: Sylvain MARECHAL
Дата:
Сообщение: Re: bdr manual cleanup required
Следующее
От: Berend Tober
Дата:
Сообщение: Deletion Challenge