On 21 okt 2008, at 10.04, Peter Eisentraut <peter_e@gmx.net> wrote:
> Magnus Hagander wrote:
>> Robert Haas wrote:
>>>>> How can you make that the default? Won't it immediately break
>>>>> every
>>>>> installation without certificates?
>>>> *all* SSL installations have certificate on the server side. You
>>>> cannot
>>>> run without it.
>>> s/without certificates/with self-signed certificates/
>>>
>>> which I would guess to be a common configuration
>> Self-signed still work. In a self-signed scenario, the server
>> certificate *is* the CA certificate.
>
> But the user needs to copy the CA to the client, which most people
> probably don't do nowadays.
True. I'll update the docs to make this even more clear, for those who
don't know ssl. I still consider that a feature and not a problem ..
/magnus
