Обсуждение: Missed information about clientname=CN option
The following documentation comment has been logged on the website: Page: https://www.postgresql.org/docs/16/auth-cert.html Description: Hello. This page missed information about supported clientname=CN/DN option and describes only `map` option. Also `clientcert` is described not in format. I expect it was documented under `map` as next list item of supported options. Thank you.
On Wednesday, January 31, 2024, PG Doc comments form <noreply@postgresql.org> wrote:
The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/16/auth-cert.html
Description:
Hello.
This page missed information about supported clientname=CN/DN option and
describes only `map` option.
Also `clientcert` is described not in format. I expect it was documented
under `map` as next list item of supported options
The description for pg_hba.conf auth-options covers this. Since those two options do not only apply to cert but any hostssl entry it was chosen to document the ssl related options on the pg_hba.conf page. I do see value in pointing the reader back to that location from the cert page though. Or maybe move the wording to the cert page and replace the content in pg_hba.conf with a link to there. Leaning toward the later ATM.
David J.
> On 1 Feb 2024, at 08:35, David G. Johnston <david.g.johnston@gmail.com> wrote: > maybe move the wording to the cert page and replace the content in pg_hba.conf with a link to there. Leaning toward thelater ATM. That sounds like the best option IMHO, care to propose a patch? -- Daniel Gustafsson
On Thu, Feb 1, 2024 at 3:16 AM Daniel Gustafsson <daniel@yesql.se> wrote:
> On 1 Feb 2024, at 08:35, David G. Johnston <david.g.johnston@gmail.com> wrote:
> maybe move the wording to the cert page and replace the content in pg_hba.conf with a link to there. Leaning toward the later ATM.
That sounds like the best option IMHO, care to propose a patch?
Done here:
The material here needed some attention too, both on its own and to fit in with the changes to the client authentication section.
David J.