Re: hba_conf hostssl clientcert=1 no longer required in 9.4

Поиск
Список
Период
Сортировка
От Srikanth Venkatesh
Тема Re: hba_conf hostssl clientcert=1 no longer required in 9.4
Дата
Msg-id CAOwxV4ojDe5VJ3V517J2egTMNUy+UHDuK5TfV+Kqkw9mADWNSw@mail.gmail.com
обсуждение исходный текст
Ответ на Re: hba_conf hostssl clientcert=1 no longer required in 9.4  (Tom Lane <tgl@sss.pgh.pa.us>)
Список pgsql-docs
Дерево обсуждения
So, one has to use "cert clientcert=1" and not just "cert" in hba_conf? So "clientcert" is an auth-method option of "cert"? That isn't exactly clear in the hba_conf documentation - https://www.postgresql.org/docs/9.4/static/auth-methods.html#AUTH-CERT . That part of the document doesn't mention what you just said.

On Fri, Jul 15, 2016 at 6:33 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Srikanth Venkatesh <srix55@gmail.com> writes:
> I guess it should mention that setting the parameter to 1 is no longer
> required... and that the default is 1 for "cert".

In what way is it no longer required?  Without that flag set, there's
no insistence on a validated client cert.

                        regards, tom lane

В списке pgsql-docs по дате отправления:

Предыдущее
От: Alexander Law
Дата:
Сообщение: 'Do not not' in pg_receivexlog.sgml and pg_recvlogical.sgml
Следующее
От: Magnus Hagander
Дата:
Сообщение: Re: 'Do not not' in pg_receivexlog.sgml and pg_recvlogical.sgml